https://bugzilla.novell.com/show_bug.cgi?id=366849 User b-novell.com@wundsam.net added comment https://bugzilla.novell.com/show_bug.cgi?id=366849#c279413 Summary: Problem with apache2-mod_jk-1.2.21-59.2 Product: openSUSE 10.3 Version: Final Platform: x86 OS/Version: openSUSE 11.0 Status: NEW Severity: Normal Priority: P5 - None Component: Apache AssignedTo: bnc-team-apache@forge.provo.novell.com ReportedBy: b-novell.com@wundsam.net QAContact: qa@suse.de Found By: Customer We use a Setup with Apache2, Tomcat 5.5 and mod_jk 1.2.21. The Patch 1.2.21-59.2, meant to fix some sort of directory traversals, breaks our functionality. Closer description: * We have serveral apache vhosts, mounting Tomcat application. * In tomcat, all applications are placed in the default (localhost) vhost Before the patch, the mounted applications were available from apache, Now an empty page is returned, and "No virtual host matches [VHOST]" is returned. -------- Description of the problematic patch: * Wed Dec 12 2007 - skh@suse.de - fix CVE-2007-1860: directory traversal [bnc #279413] * Mon Mar 05 2007 - skh@suse.de root@spock:/usr/src/packages/SOURCES # cat tomcat-connectors-CVE-2007-1860.patch diff -Naur ../tomcat-connectors-1.2.21-src.orig/native/common/jk_global.h /native/common/jk_global.h --- ../tomcat-connectors-1.2.21-src.orig/native/common/jk_global.h 2007-02-02 17:27:53.000000000 +0100 +++ ./native/common/jk_global.h 2007-12-12 15:28:38.000000000 +0100 @@ -239,7 +239,7 @@ #define JK_OPT_FWDURICOMPATUNPARSED 0x0002 #define JK_OPT_FWDURIESCAPED 0x0003 -#define JK_OPT_FWDURIDEFAULT JK_OPT_FWDURICOMPAT +#define JK_OPT_FWDURIDEFAULT JK_OPT_FWDURICOMPATUNPARSED #define JK_OPT_FWDKEYSIZE 0x0004 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.