[Git][security-tracker-team/security-tracker][master] Add CVE-2023-41081/libapache-mod-jk

Thu Sep 14 08:27:21 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
548c6006 by Salvatore Bonaccorso at 2023-09-14T09:26:52+02:00
Add CVE-2023-41081/libapache-mod-jk

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -34,7 +34,10 @@ CVE-2023-42468 (The com.cutestudio.colordialer application through 2.1.8-2 for A
 CVE-2023-41892 (Craft CMS is a platform for creating digital experiences. This is a hi ...)
 	NOT-FOR-US: Craft CMS
 CVE-2023-41081 (The mod_jk component of Apache Tomcat Connectorsin some circumstances, ...)
-	TODO: check
+	- libapache-mod-jk <unfixed>
+	NOTE: https://lists.apache.org/thread/rd1r26w7271jyqgzr4492tooyt583d8b
+	NOTE: http://www.openwall.com/lists/oss-security/2023/09/13/2
+	NOTE: https://tomcat.apache.org/security-jk.html#Fixed_in_Apache_Tomcat_JK_Connector_1.2.49
 CVE-2023-40850 (netentsec NS-ASG 6.3 is vulnerable to Incorrect Access Control. There  ...)
 	NOT-FOR-US: netentsec NS-ASG
 CVE-2023-40717 (A use of hard-coded credentials vulnerability [CWE-798] inFortiTester2 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/548c60063b0329b42d1cba5f4de7e725e4ca90d7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/548c60063b0329b42d1cba5f4de7e725e4ca90d7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230914/86456b6b/attachment-0001.htm>
