What Are You Looking For?

Sign Up

Package        : gunicorn
Version        : 0.14.5-3+deb7u2
CVE ID         : CVE-2018-1000164
Debian Bug     : #896548

It was discovered that there was an issue in the gunicorn HTTP server for
Python applicatons where CRLF sequences could result in an attacker tricking
the server into returning arbitrary headers.

For more information and background, please see:

  
For Debian 7 "Wheezy", this issue has been fixed in gunicorn version
0.14.5-3+deb7u2.

We recommend that you upgrade your gunicorn packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

Debian LTS: DLA-1357-1: gunicorn security update

April 22, 2018
It was discovered that there was an issue in the gunicorn HTTP server for Python applicatons where CRLF sequences could result in an attacker tricking the server into returning arb...

Summary


For Debian 7 "Wheezy", this issue has been fixed in gunicorn version
0.14.5-3+deb7u2.

We recommend that you upgrade your gunicorn packages.


Regards,

- --
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-



Severity
Package : gunicorn
Version : 0.14.5-3+deb7u2
CVE ID : CVE-2018-1000164
Debian Bug : #896548

Related News

Ubuntu Server Security Best Practices

Oct 15, 2023

Python’s New Security Developer Has Plans to Secure the Language

Nov 26, 2023

Widespread Xorg DoS, Privilege Escalation Vulns Fixed

Nov 13, 2023

Microsoft Surprised the Linux Community by Attending the Ubuntu Summit 2023

Nov 6, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo