Gunicorn Security Update for Debian 7

Debian 10203 Published by

Updated gunicorn packages has been released for Debian GNU/Linux 7 LTS



Package : gunicorn
Version : 0.14.5-3+deb7u2
CVE ID : CVE-2018-1000164
Debian Bug : #896548

It was discovered that there was an issue in the gunicorn HTTP server for
Python applicatons where CRLF sequences could result in an attacker tricking
the server into returning arbitrary headers.

For more information and background, please see:

https://epadillas.github.io/2018/04/02/http-header-splitting-in-gunicorn-19.4.5

For Debian 7 "Wheezy", this issue has been fixed in gunicorn version
0.14.5-3+deb7u2.

We recommend that you upgrade your gunicorn packages.
  Gunicorn Security Update for Debian 7

ClamAV, Quagga and 6 more updates for Gentoo

ASUS ROG Strix Scar Edition Laptop Review and more

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...