uwsgi: Multiple vulnerabilities (CVE-2018-6758, CVE-2018-7490)
CVE-2018-6758: The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length.
References:
http://lists.unbit.it/pipermail/uwsgi/2018-February/008835.html
https://nvd.nist.gov/vuln/detail/CVE-2018-6758
Patch:
https://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97a4eef7a3cdcbd85a71247bfe
CVE-2018-7490: uwsgi before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal.
Fixed In Version:
uwsgi 2.0.17
References:
https://uwsgi-docs.readthedocs.io/en/latest/Changelog-2.0.17.html
https://nvd.nist.gov/vuln/detail/CVE-2018-7490
Patch:
https://github.com/unbit/uwsgi/commit/0a480f435ea6feb63deb410ad2bf376ed3f05f8a
(from redmine: issue id 8733, created on 2018-03-26, closed on 2018-03-29)
- Relations:
- copied_to #8734 (closed)
- copied_to #8735 (closed)
- copied_to #8736 (closed)
- copied_to #8737 (closed)
- child #8734 (closed)
- child #8735 (closed)
- child #8736 (closed)
- child #8737 (closed)