
Debian 9 Stretch DLA-3000-1 Critical: Waitress Request Smuggling Issue

debian lts
May 12, 2022
Debian LTS has released an update for waitress that fixes several HTTP request smuggling flaws. Updating to the patched package is advised.
Waitress is a Python WSGI server, an application server for Python web apps.

Summary

This update fixes request smuggling bugs that become exploitable when Waitress
is deployed behind another HTTP proxy that interprets requests differently. The
disagreement allows HTTP request smuggling/splitting: Waitress may see two
requests where the front-end server only saw a single HTTP message. This can
result in cache poisoning or unexpected information disclosure.

CVE-2019-16785

Only recognise CRLF as a line terminator, not a bare LF. Before this change,
Waitress could see two requests where the front-end proxy only saw one.

CVE-2019-16786

Waitress parsed the Transfer-Encoding header as a single string value; if that
value was not exactly "chunked", it fell through and used the Content-Length
header instead. This could allow Waitress to treat a single request as
multiple requests in the case of HTTP pipelining.
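The two parsing choices described under CVE-2019-16785 and CVE-2019-16786, as an added Python example that is not part of the advisory or of Waitress itself: a small pipelined-request splitter with three modes. `lenient` models the assumed pre-fix behaviour (a bare LF ends a header line; the Transfer-Encoding value is compared as one string and anything else falls back to Content-Length), `frontend` models an assumed CRLF-only proxy that parses Transfer-Encoding as a list and decodes chunked bodies, and `strict` is a hardened back end that accepts only CRLF and rejects a message carrying both Transfer-Encoding and Content-Length. The mode names, the helpers and the two sample requests are constructed for this demonstration; the `lenient` view yields two requests where the `frontend` view yields one, and `strict` rejects both messages.

```python
"""Added illustration of CVE-2019-16785/16786: a minimal HTTP/1.1 request
splitter in three parsing modes. Not Waitress code; modes and samples are assumed."""
import re

LENIENT = "lenient"    # assumed pre-fix back end: bare LF ends a line, TE exact-match
FRONTEND = "frontend"  # assumed proxy: CRLF only, TE parsed as list, chunked wins
STRICT = "strict"      # hardened back end: CRLF only, bare CR/LF and TE+CL rejected


def read_chunked(data):
    """Decode a chunked body (no trailers); return (body, remaining stream)."""
    out = bytearray()
    while True:
        end = data.find(b"\r\n")
        if end < 0:
            raise ValueError("truncated chunk-size line")
        size = int(data[:end].split(b";")[0], 16)
        data = data[end + 2:]
        if size == 0:
            if not data.startswith(b"\r\n"):
                raise ValueError("trailers are not supported in this demo")
            return bytes(out), data[2:]
        if data[size:size + 2] != b"\r\n":
            raise ValueError("bad chunk framing")
        out += data[:size]
        data = data[size + 2:]


def parse_requests(stream, mode):
    """Split a stream of pipelined requests into [(request_line, body), ...]."""
    eol = rb"\r?\n" if mode == LENIENT else rb"\r\n"   # CVE-2019-16785 is the "?"
    requests = []
    while stream:
        m = re.search(eol + eol, stream)          # end of the header block
        if m is None:
            raise ValueError("incomplete header block")
        head, body = stream[:m.start()], stream[m.end():]
        lines = re.split(eol, head)
        if mode == STRICT and any(b"\r" in ln or b"\n" in ln for ln in lines):
            raise ValueError("bare CR or LF inside a header line")
        headers = {}
        for line in lines[1:]:
            name, _, value = line.decode("latin-1").partition(":")
            headers[name.strip().lower()] = value.strip()
        te, cl = headers.get("transfer-encoding"), headers.get("content-length")
        if mode == LENIENT:
            # CVE-2019-16786: whole value compared to "chunked", else fall back to CL
            chunked = te is not None and te.lower() == "chunked"
        else:
            codings = [c.strip().lower() for c in te.split(",")] if te else []
            chunked = codings[-1:] == ["chunked"]
            if mode == STRICT:
                if te is not None and cl is not None:
                    raise ValueError("both Transfer-Encoding and Content-Length present")
                if codings and not chunked:
                    raise ValueError("unsupported transfer-coding")
        if chunked:
            payload, stream = read_chunked(body)
        else:
            n = int(cl) if cl else 0
            payload, stream = body[:n], body[n:]
        requests.append((lines[0].decode("latin-1"), payload))
    return requests


# Constructed sample traffic (not captured from any real system).
SMUGGLED = (b"GET /admin HTTP/1.1\r\nHost: x\r\n"
            b"Content-Length: 7\r\n\r\n")        # its 7-byte body swallows "\r\n0\r\n\r\n"
SIZE_LINE = b"%x\r\n" % len(SMUGGLED)           # chunk-size line for SMUGGLED
SAMPLES = {
    # CVE-2019-16785: a bare-LF parser ends the header block at "\n\n",
    # a CRLF-only front end only at the later "\r\n\r\n".
    "bare-lf": (b"GET / HTTP/1.1\r\nHost: example\r\nX-Foo: bar\n\n"
                b"GET /admin HTTP/1.1\r\nHost: example\r\n\r\n"),
    # CVE-2019-16786: TE is a list, so an exact-match check misses "chunked"
    # and reads Content-Length bytes instead; the front end decodes the chunks.
    "te-list": (b"POST / HTTP/1.1\r\nHost: example\r\n"
                b"Content-Length: %d\r\n" % len(SIZE_LINE) +
                b"Transfer-Encoding: identity, chunked\r\n\r\n" +
                SIZE_LINE + SMUGGLED + b"\r\n0\r\n\r\n"),
}


def request_lines(raw, mode):
    """Request lines a parser in `mode` sees, or a 'rejected: ...' string."""
    try:
        return [line for line, _ in parse_requests(raw, mode)]
    except ValueError as exc:
        return "rejected: %s" % exc


def smuggling_demo():
    return {name: {mode: request_lines(raw, mode) for mode in (FRONTEND, LENIENT, STRICT)}
            for name, raw in SAMPLES.items()}


if __name__ == "__main__":
    for name, views in smuggling_demo().items():
        for mode, seen in views.items():
            print("%-8s %-8s %s" % (name, mode, seen))
```

The point of the demo is the disagreement, not either parser on its own: a proxy that sees one request forwards one, the back end that sees two answers the second one as well, and whatever it answers may land in the proxy's cache or in the next client's response. The `strict` mode goes slightly beyond the advisory text by also refusing a bare CR or LF inside a header line, which is the usual way to close the CRLF/LF gap instead of silently keeping the byte in the field value.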

CVE-2019-16789

Specially crafted requests containing special whitespace characters in the



Severity: Critical

Package: waitress
Version: 1.0.1-1+deb9u1
CVE ID: CVE-2019-16785 CVE-2019-16786 CVE-2019-16789 CVE-2019-16792
Debian Bug: 1008013
