Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 433
Alerts This Week
Warning Icon 1 433

Ubuntu 22.04: USN-5551-1 Addresses Moderate Mod-Wsgi Access Vulnerability

ubuntu
Calendar Grey August 4, 2022
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-5552-1 addresses a critical vulnerability in mod_ssl that impacts various Ubuntu distributions and outlines the steps needed for mitigation.
mod-wsgi could allow unintended access to network services.

Summary

mod-wsgi could allow unintended access to network services.

Software Description:

- mod-wsgi: Python WSGI adapter module for Apache

Details:

It was discovered that mod-wsgi did not correctly remove the X-Client-IP

header when processing requests from untrusted proxies. A remote attacker

could use this issue to pass the header to WSGI applications, contrary

to expectations.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
  libapache2-mod-wsgi-py3         4.9.0-1ubuntu0.1

Ubuntu 20.04 LTS:
  libapache2-mod-wsgi             4.6.8-1ubuntu3.1
  libapache2-mod-wsgi-py3         4.6.8-1ubuntu3.1

Ubuntu 18.04 LTS:
  libapache2-mod-wsgi             4.5.17-1ubuntu1.1
  libapache2-mod-wsgi-py3         4.5.17-1ubuntu1.1

After a standard system update you need to restart your web service to make
all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5551-1

CVE-2022-2255

August 04, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.