Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 5 Mar 2007 21:07:56 GMT
From:      Nick Barkas<snb@threerings.net>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/109949: [patch] www/mod_jk security update to 1.2.21
Message-ID:  <200703052107.l25L7uq7032903@www.freebsd.org>
Resent-Message-ID: <200703052110.l25LA5vQ081085@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help

>Number:         109949
>Category:       ports
>Synopsis:       [patch] www/mod_jk security update to 1.2.21
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Mon Mar 05 21:10:05 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Nick Barkas
>Release:        FreeBSD 6.1-RELEASE-p6 i386
>Organization:
Three Rings Design
>Environment:
FreeBSD lab1.earth.threerings.net 6.1-RELEASE-p6 FreeBSD 6.1-RELEASE-p6 #5: Wed Sep 13 17:45:32 PDT 2006     root@lab1.earth.threerings.net:/usr/obj/usr/src/sys/SMP  i386
>Description:
The Apache Tomcat Connector versions 1.2.19 and 1.2.20 have a stack buffer overflow vulnerability in the map_uri_to_worker() in the mod_jk.so library, triggered by certain long URLs. This allows for arbitrary remote code execution.

See: http://tomcat.apache.org/security-jk.html
http://www.zerodayinitiative.com/advisories/ZDI-07-008.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0774
>How-To-Repeat:
I have not seen any specific exploits.
>Fix:
The attached patch updates the www/mod_jk port to 1.2.21, which should have this vulnerability fixed. It would probably be a good idea to make note of this vulnerability in the VuXML document, as it appears to be rather severe.


Patch attached with submission follows:

diff -urN mod_jk.orig/Makefile mod_jk/Makefile
--- mod_jk.orig/Makefile	Mon Oct  9 09:09:35 2006
+++ mod_jk/Makefile	Mon Mar  5 12:32:48 2007
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	mod_jk
-PORTVERSION=	1.2.19
+PORTVERSION=	1.2.21
 PORTREVISION=	0
 PORTEPOCH?=	1
 CATEGORIES=	www
diff -urN mod_jk.orig/distinfo mod_jk/distinfo
--- mod_jk.orig/distinfo	Mon Oct  9 09:09:35 2006
+++ mod_jk/distinfo	Mon Mar  5 12:54:14 2007
@@ -1,3 +1,3 @@
-MD5 (tomcat-connectors-1.2.19-src.tar.gz) = 9c3b7135a4992c7f39d5f7aef9c25b30
-SHA256 (tomcat-connectors-1.2.19-src.tar.gz) = 7d75e357c6ff083f5b383d53475a3f14d1f6a45294bf0f2de0a8c552a04746c0
-SIZE (tomcat-connectors-1.2.19-src.tar.gz) = 1246419
+MD5 (tomcat-connectors-1.2.21-src.tar.gz) = ed65157ecbea7d3569de08611aa160eb
+SHA256 (tomcat-connectors-1.2.21-src.tar.gz) = 371908f280eeba38e64dce7bb25a398931c182b9b99976a7bb1196a8ba8b8faa
+SIZE (tomcat-connectors-1.2.21-src.tar.gz) = 1334563

>Release-Note:
>Audit-Trail:
>Unformatted:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200703052107.l25L7uq7032903>