Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 538
Alerts This Week
Warning Icon 1 538

Debian 7: DLA-1357-1 Critical Advisory: Gunicorn Header Exploit

debian lts
Calendar Grey April 22, 2018
Dist Debian Esm H88
Explore a new security patch for gunicorn on Debian 7 aimed at mitigating header injection vulnerabilities along with suggested remedial actions.
It was discovered that there was an issue in the gunicorn HTTP server for Python applicatons where CRLF sequences could result in an attacker tricking the server into returning arb...

Summary


For Debian 7 "Wheezy", this issue has been fixed in gunicorn version
0.14.5-3+deb7u2.

We recommend that you upgrade your gunicorn packages.


Regards,

- --
,'`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-



Severity
critical
Lowest
Low
Medium
High
Critical

Package: gunicorn
Version: 0.14.5-3+deb7u2
CVE ID: CVE-2018-1000164
Debian Bug: #896548

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.