USN-5551-1: mod-wsgi vulnerability
4 August 2022
mod-wsgi could allow unintended access to network services.
- mod-wsgi - Python WSGI adapter module for Apache
It was discovered that mod-wsgi did not correctly remove the X-Client-IP
header when processing requests from untrusted proxies. A remote attacker
could use this issue to pass the header to WSGI applications, contrary
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to restart your web service to make
all the necessary changes.