Gentoo Linux Security Advisory GLSA 200906-04 - An error in the Apache Tomcat JK Connector might allow for an information disclosure flaw. The Red Hat Security Response Team discovered that mod_jk does not properly handle (1) requests setting the Content-Length header while not providing data and (2) clients sending repeated requests very quickly. Versions less than 1.2.27 are affected.
ab669108eb1f049a5cca31491f66d8ba37f3704c674feec8df7e2f85ad703c20
Apache Tomcat mod_jk versions 1.2.0 through 1.2.26 suffer from an information disclosure vulnerability.
82a8f73ad304a3a139da882c821b3194c48cbad8270a4c890591b51a66f9f916