Your message dated Sat, 8 Oct 2016 12:56:22 +0200
with message-id <20161008105622.lcm5gxim6cpicz5o@eldamar.local>
and subject line Re: Bug#840000: libapache-mod-jk: CVE-2016-6808
has caused the Debian Bug report #840000,
regarding libapache-mod-jk: CVE-2016-6808
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact

Debian Bug Tracking System
Contact with problems
--- Begin Message ---
Source: libapache-mod-jk
Version: 1:1.2.41-1
Severity: important
Tags: security upstream patch


the following vulnerability was published for libapache-mod-jk.

buffer overflow

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:


Please adjust the affected versions in the BTS as needed.


--- End Message ---
--- Begin Message ---
Hi Markus,

On Fri, Oct 07, 2016 at 05:45:15PM +0200, Markus Koschany wrote:
> Looks like Apache is not affected. [1] I guess <unimportant> would be
> justified here.

Thanks for clarifying with upstream. After off-list disucssion with
Moritz, since then it only affects Software under non-Debian we can
even do a <not-affected> (Windows/IIS specific).

I'm updating the tracker right now, and closing this bug accordingly.


--- End Message ---
This is the maintainer address of Debian's Java team
Please use for discussions and questions.

Reply via email to