[ubuntu/xenial-security] uwsgi 2.0.12-5ubuntu3.2 (Accepted)

Mike Salvatore Mon, 01 Oct 2018 06:02:32 -0700

uwsgi (2.0.12-5ubuntu3.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Directory traversal
    - debian/patches/CVE-2018-7490.patch: enforce php default document_root
      behaviour, to not show external files
    - CVE-2018-7490
  * SECURITY UPDATE: Stack buffer overflow in uwsgi_expand_path()
    - debian/patches/CVE-2018-6758.patch: improve uwsgi_expand_path() to
      sanitize input, avoiding stack corruption and potential security issue
    - CVE-2018-6758


Date: 2018-09-28 15:31:12.640116+00:00
Changed-By: Mike Salvatore <mike.salvat...@canonical.com>
https://launchpad.net/ubuntu/+source/uwsgi/2.0.12-5ubuntu3.2

Sorry, changesfile not available.

-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] uwsgi 2.0.12-5ubuntu3.2 (Accepted)

Reply via email to