Debian 10261 Published by

A uwsgi security update has been released for Debian GNU/Linux 9 Extended LTS to address a HTTP Response Smuggling vulnerability.



ELA-851-1 uwsgi security update

Package : uwsgi
Version : 2.0.14+20161117-3+deb9u6 (stretch)

Related CVEs :
CVE-2023-27522

A HTTP Response Smuggling vulnerability was fixed mod_proxy_uwsgi
apache module included in uwsgi package. Special characters in the
origin response header can truncate/split the response forwarded to
the client.

  ELA-851-1 uwsgi security update