uwsgi (2.0.12-5ubuntu3.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Directory traversal
    - debian/patches/CVE-2018-7490.patch: enforce php default document_root
      behaviour, to not show external files
    - CVE-2018-7490
  * SECURITY UPDATE: Stack buffer overflow in uwsgi_expand_path()
    - debian/patches/CVE-2018-6758.patch: improve uwsgi_expand_path() to
      sanitize input, avoiding stack corruption and potential security issue
    - CVE-2018-6758

Date: 2018-09-28 15:31:12.640116+00:00
Changed-By: Mike Salvatore <mike.salvat...@canonical.com>
Signed-By: Ubuntu Archive Robot 
<cjwatson+ubuntu-archive-ro...@chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/uwsgi/2.0.12-5ubuntu3.2
Sorry, changesfile not available.
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

Reply via email to