Hello community, here is the log from the commit of package apache2-mod_jk checked in at Mon Mar 5 15:44:01 CET 2007. -------- --- apache2-mod_jk/apache2-mod_jk.changes 2007-01-17 13:51:15.000000000 +0100 +++ /mounts/work_src_done/STABLE/apache2-mod_jk/apache2-mod_jk.changes 2007-03-05 15:10:07.000000000 +0100 @@ -1,0 +2,6 @@ +Mon Mar 5 14:57:06 CET 2007 - skh@suse.de + +- update to version 1.2.21 (fix CVE-2007-0774: Long URL Stack Overflow + Vulnerability, b.n.c. #248157) + +------------------------------------------------------------------- Old: ---- tomcat-connectors-1.2.20-src.tar.gz New: ---- tomcat-connectors-1.2.21-src.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ apache2-mod_jk.spec ++++++ --- /var/tmp/diff_new_pack.N30219/_old 2007-03-05 15:41:29.000000000 +0100 +++ /var/tmp/diff_new_pack.N30219/_new 2007-03-05 15:41:29.000000000 +0100 @@ -1,5 +1,5 @@ # -# spec file for package apache2-mod_jk (Version 1.2.20) +# spec file for package apache2-mod_jk (Version 1.2.21) # # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -13,7 +13,7 @@ Name: apache2-mod_jk BuildRequires: apache2-devel java2-devel-packages pcre-devel %define section free -%define connectors_root tomcat-connectors-1.2.20-src +%define connectors_root tomcat-connectors-1.2.21-src %define apache2_sysconfdir %(/usr/sbin/apxs2 -q SYSCONFDIR) %define apache2_libexecdir %(/usr/sbin/apxs2 -q LIBEXECDIR) %define apache_mmn %(MMN=$(/usr/sbin/apxs -q LIBEXECDIR)/MMN; test -x $MMN && $MMN) @@ -21,7 +21,7 @@ %define apache_cflags %(/usr/sbin/apxs -q CFLAGS) %define apache2_cflags %(/usr/sbin/apxs2 -q CFLAGS) Summary: Connectors between Apache and Tomcat Servlet Container -Version: 1.2.20 +Version: 1.2.21 Release: 1 License: Other License(s), see package Group: Productivity/Networking/Web/Frontends @@ -32,7 +32,7 @@ Obsoletes: mod_jk-ap20 Obsoletes: tomcat-mod URL: http://jakarta.apache.org -Source0: http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.20/tomc... +Source0: http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.20/tomc... Source1: jk.conf Source2: README.SUSE BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -96,7 +96,10 @@ %doc jk.conf %{apache2_libexecdir}/* -%changelog -n apache2-mod_jk +%changelog +* Mon Mar 05 2007 - skh@suse.de +- update to version 1.2.21 (fix CVE-2007-0774: Long URL Stack Overflow + Vulnerability, b.n.c. #248157) * Wed Jan 17 2007 - skh@suse.de - update to newer (sic!) version 1.2.20 - remove apache13 cruft from spec file and patches ++++++ tomcat-connectors-1.2.20-src.tar.gz -> tomcat-connectors-1.2.21-src.tar.gz ++++++ ++++ 35879 lines of diff (skipped) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org