Package "libapache2-mod-proxy-uwsgi"

Name: libapache2-mod-proxy-uwsgi


uwsgi proxy module for Apache2 (mod_uwsgi)

Latest version: 2.0.15-10.2ubuntu2.2
Release: bionic (18.04)
Level: security
Repository: universe
Head package: uwsgi
Homepage: http://projects.unbit.it/uwsgi/


Download "libapache2-mod-proxy-uwsgi"

Other versions of "libapache2-mod-proxy-uwsgi" in Bionic

Repository Area Version
base universe 2.0.15-10.2ubuntu2
updates universe 2.0.15-10.2ubuntu2.2


Version: 2.0.15-10.2ubuntu2.2 2021-08-26 22:06:18 UTC

  uwsgi (2.0.15-10.2ubuntu2.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Buffer Overflow Vulnerability
    - debian/patches/CVE-2020-11984.patch: Error out on HTTP header larger
      than 16K.
    - CVE-2020-11984

 -- Paulo Flabiano Smorigo <email address hidden> Fri, 20 Aug 2021 13:49:27 +0000

Source diff to previous version
CVE-2020-11984 Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE

Version: 2.0.15-10.2ubuntu2.1 2018-10-01 14:06:56 UTC

  uwsgi (2.0.15-10.2ubuntu2.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Directory traversal
    - debian/patches/CVE-2018-7490.patch: enforce php default document_root
      behaviour, to not show external files
    - CVE-2018-7490
  * Add gccgo-7 as build-depends to avoid FTBFS
    - This fix was taken from 2.0.15-11

 -- Mike Salvatore <email address hidden> Thu, 27 Sep 2018 13:50:27 -0400

CVE-2018-7490 uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal.

About   -   Send Feedback to @ubuntu_updates