This is an update to the port to its latest version, 1.2.23, which has a fix for possible information disclosure via double encoded paths. See http://tomcat.apache.org/security-jk.html Fix: Here is a patch to update the port, and a patch to update VuXML with the vulnerability.
Responsible Changed From-To: freebsd-ports-bugs->girgen Over to maintainer
girgen 2007-07-04 10:14:30 UTC FreeBSD ports repository Modified files: www/mod_jk Makefile distinfo Log: Upgrade to 1.2.23 to fix a security issue. Submitted by: Nick Barkas <snb@threerings.net> Security: CVE-2007-1860 Security: http://www.freebsd.org/ports/portaudit/d9405748-1342-11dc-a35c-001485ab073e.html PR: ports/113066 Revision Changes Path 1.37 +1 -1 ports/www/mod_jk/Makefile 1.15 +3 -3 ports/www/mod_jk/distinfo _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Looks like maintainer forgot to close this PR after he committed the update.