Your submission was sent successfully! Close

USN-5054-1: uWSGI vulnerability

30 August 2021

uWSGI could be made to crash if it received specially crafted input.

Releases

Packages

  • uwsgi - fast, self-healing application container server

Details

Felix Wilhelm discovered a buffer overflow flaw in the mod_proxy_uwsgi module.
An attacker could use this vulnerability to provoke an information disclosure
or potentially remote code execution.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04

In general, a standard system update will make all the necessary changes.

References

Related notices

  • USN-4458-1: libapache2-mod-proxy-uwsgi, apache2-utils, libapache2-mod-md, apache2-data, apache2-doc, apache2-dev, apache2, apache2-suexec-custom, apache2-bin, apache2-suexec-pristine, apache2-ssl-dev