Description of problem: mod_jk 1.2.19 appears to be vulnerable to CVE-2007-0774. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0774 Could we have mod_jk 1.2.21 made available from Redhat please? Version-Release number of selected component (if applicable): mod_jk-ap20-1.2.19-1jpp_1rh running on RHEL AS4 release 4 on i386.
Looks like this is patched in Application Stack 1.0. Can the same patch be made available in the channel Application Server 2.0? http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230045
*** Bug 231917 has been marked as a duplicate of this bug. ***
Wow, old bug. This was resolved a month after it was filed and never closed: https://rhn.redhat.com/errata/RHSA-2007-0164.html