Ubuntu alert USN-8369-1 (libapache-mod-jk)
| From: | noreply+usn-bot--- via ubuntu-security-announce <ubuntu-security-announce@lists.ubuntu.com> | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-8369-1] Apache Tomcat Connectors vulnerability | |
| Date: | Tue, 02 Jun 2026 16:07:29 +0000 | |
| Message-ID: | <E1wUReL-0004I2-HI@lists.ubuntu.com> | |
| Cc: | noreply+usn-bot@canonical.com |
========================================================================== Ubuntu Security Notice USN-8369-1 June 02, 2026 libapache-mod-jk vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Apache Tomcat Connectors could allow local users to expose sensitive information or cause a denial of service. Software Description: - libapache-mod-jk: Apache 2 connector for the Tomcat Java servlet engine Details: It was discovered that Apache Tomcat Connectors used incorrect default permissions for shared memory on Unix-like systems. A local attacker could possibly use this issue to view or modify mod_jk configuration data in shared memory, resulting in sensitive information exposure or a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS libapache2-mod-jk 1:1.2.49-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 22.04 LTS libapache2-mod-jk 1:1.2.48-1ubuntu0.1+esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS libapache2-mod-jk 1:1.2.46-1ubuntu0.1+esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS libapache2-mod-jk 1:1.2.43-1ubuntu0.1~esm2 Available with Ubuntu Pro Ubuntu 16.04 LTS libapache2-mod-jk 1:1.2.41-1ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8369-1 CVE-2024-46544
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmoe/vIACgkQcpJm3tlz hgGSCg/+OjZV/iINqO1pQlVrcWUqfU6u/TyKZ8RqTaggXXutVNmXjA5Q5k6jinox hpuOpki3eJd4Vj5yihOWKpj3iu5MpSAQOcKapiNOCnJkAgZBDYEz7794HZc9Dk1u uaNNZRLodRobC7KLMFgE0VxAgDJltDU/paccFW+S8Vhz1MSn4P3kHN+zCdJx2tuv 25/CnFFz6WI3eak33FTIc67keY1vOUXaJeGz0k22+oAbQfgw5MWSnugiSup4xwXH AuBN4kZUFQyu02nkt+xTTVa5lCt+qxBAoBpcDC1szOZrracqonVORN7YVybDpGvD keED3b4sr9a9BScnM1JUSQcbjGGPWPhXRWrVlv3Ve8qR7SKvftT9nJ2G8CEgFncM LDl9mKPcYGmizVT8PPucebcG1EY5B0sSxzuMpJFUwg/WpQQw0GIbVJZIA7zCmyji skgRRqcUB83paBflDWJhtahaYQFo2yEwAwMj5BTbXnMgwoqitpv3rBuQKMeptosY XPB7tnYoTnGGrCqgFyY+RYyiwoo1lLq11I9aaCLutzvBcorzox+mzPw48TsD0a+u bmv9pkMR76PwLw1UCh43begAVuVvPj2hzhvCLmsV3BI93fXdZBXWQTgQhPAp8ewG w6t9qkhoRsK9vToko113EouokIo/EIZizQSNJj5bjMXvpwlVVIY= =BZJe -----END PGP SIGNATURE-----