Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2024:3853-1

Опубликовано: 31 окт. 2024
Источник: suse-cvrf

Описание

Security update for uwsgi

This update for uwsgi fixes the following issues:

  • CVE-2024-24795: Fixed HTTP Response Splitting in multiple modules (bsc#1222332)

Список пакетов

SUSE Linux Enterprise Module for Package Hub 15 SP5
uwsgi-python-2.0.19.1-150300.3.3.1
SUSE Linux Enterprise Module for Package Hub 15 SP6
uwsgi-python-2.0.19.1-150300.3.3.1

Ссылки

Описание

HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue.

Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP5:uwsgi-python-2.0.19.1-150300.3.3.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:uwsgi-python-2.0.19.1-150300.3.3.1
Ссылки