Sam wrote:
http://online.securityfocus.com/archive/1/302169/2002-12-03/2002-12-09/2
This vulnerability was reported last month. The report
says mod_jk 1.2.1 as fixing the vulnerability.
Yet I have searched Bugzilla for reference to this vuln.
as well as looking at mod_jk.c to see what revision was
changed, but I have not been able to locate this change.
Can anyone shed some light as to whether this vuln. was fixed
or not, and if so, and what source file(s) were changed? I cannot seem to find it.
jk 1.2.1 should have fixed this, and we're today at jk 1.2.2 release.
-- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
