[ubuntu/kinetic-proposed] mod-wsgi 4.9.0-1ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Mon Jul 25 14:22:12 UTC 2022 

mod-wsgi (4.9.0-1ubuntu1) kinetic; urgency=medium

  * SECURITY UPDATE: Trusted Proxy Headers Removing Bypass
    - debian/patches/CVE-2022-2255.patch: ensure that X-Client-IP header is
      dropped when is not a trusted header in src/server/mod_wsgi.c.
    - CVE-2022-2255

Date: Mon, 25 Jul 2022 09:20:24 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/mod-wsgi/4.9.0-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Mon, 25 Jul 2022 09:20:24 -0400
Source: mod-wsgi
Built-For-Profiles: noudeb
Architecture: source
Version: 4.9.0-1ubuntu1
Distribution: kinetic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 mod-wsgi (4.9.0-1ubuntu1) kinetic; urgency=medium
 .
   * SECURITY UPDATE: Trusted Proxy Headers Removing Bypass
     - debian/patches/CVE-2022-2255.patch: ensure that X-Client-IP header is
       dropped when is not a trusted header in src/server/mod_wsgi.c.
     - CVE-2022-2255
Checksums-Sha1:
 e242d0373e5031d556d05c33e428ebb91af50593 2143 mod-wsgi_4.9.0-1ubuntu1.dsc
 fd2e7543d0e85e38bb8357026555dd79c7755e03 11556 mod-wsgi_4.9.0-1ubuntu1.debian.tar.xz
 555e72a3fd25c869733cf04968aff1a90d0586e2 8121 mod-wsgi_4.9.0-1ubuntu1_source.buildinfo
Checksums-Sha256:
 5c5c7f254f47ab16928de7bc9b38412446b5a5da622d41f5f13eceeb2f4f3aca 2143 mod-wsgi_4.9.0-1ubuntu1.dsc
 dfb7f6f3186a689f0a517bc5f8952e26ecf3763656e2ae9b7c1c90471ecd5d48 11556 mod-wsgi_4.9.0-1ubuntu1.debian.tar.xz
 8603eeeccea4f6076c77007b1b6b44ad3a1fedb4ab5ebb2bfe05e38f12bf7d9c 8121 mod-wsgi_4.9.0-1ubuntu1_source.buildinfo
Files:
 e68a6a243ac1b2907be994a4397bfd61 2143 httpd optional mod-wsgi_4.9.0-1ubuntu1.dsc
 db4ec6a1b505c845494dc99592780ad4 11556 httpd optional mod-wsgi_4.9.0-1ubuntu1.debian.tar.xz
 f32b991a3c3d3ea2228d9874ca224ef7 8121 httpd optional mod-wsgi_4.9.0-1ubuntu1_source.buildinfo
Original-Maintainer: Debian Python Team <team+python at tracker.debian.org>

More information about the kinetic-changes mailing list