svn commit: r1912280 - in /tomcat/site/trunk: docs/security-jk.html xdocs/security-jk.xml

Wed, 13 Sep 2023 02:28:31 -0700 

Author: markt
Date: Wed Sep 13 09:27:27 2023
New Revision: 1912280

URL: http://svn.apache.org/viewvc?rev=1912280&view=rev
Log:
Update CVE-2023-41081

Modified:
    tomcat/site/trunk/docs/security-jk.html
    tomcat/site/trunk/xdocs/security-jk.xml

Modified: tomcat/site/trunk/docs/security-jk.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-jk.html?rev=1912280&r1=1912279&r2=1912280&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-jk.html (original)
+++ tomcat/site/trunk/docs/security-jk.html Wed Sep 13 09:27:27 2023
@@ -26,7 +26,8 @@
        Such an implicit mapping could result in the unintended exposure of the
        status worker and/or bypass security constraints configured in httpd. As
        of JK 1.2.49, the implicit mapping functionality has been removed and 
all
-       mappings must now be via explicit configuration.</p>
+       mappings must now be via explicit configuration. Only mod_jk is affected
+       by this issue. The ISAPI redirector is not affected.</p>
 
     <p>This was fixed with commit
        <a 
href="https://github.com/apache/tomcat/commit/0095b6cb84f41313ee4c0364b49c766168790792";>0095b6cb</a>.</p>

Modified: tomcat/site/trunk/xdocs/security-jk.xml
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-jk.xml?rev=1912280&r1=1912279&r2=1912280&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-jk.xml (original)
+++ tomcat/site/trunk/xdocs/security-jk.xml Wed Sep 13 09:27:27 2023
@@ -39,7 +39,8 @@
        Such an implicit mapping could result in the unintended exposure of the
        status worker and/or bypass security constraints configured in httpd. As
        of JK 1.2.49, the implicit mapping functionality has been removed and 
all
-       mappings must now be via explicit configuration.</p>
+       mappings must now be via explicit configuration. Only mod_jk is affected
+       by this issue. The ISAPI redirector is not affected.</p>
 
     <p>This was fixed with commit
        <hashlink hash="0095b6cb84f41313ee4c0364b49c766168790792"/>.</p>



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to