[3.4] uwsgi: Multiple vulnerabilities (CVE-2018-6758, CVE-2018-7490)
CVE-2018-6758: The uwsgi_expand_path function in core/utils.c in
Unbit uWSGI through 2.0.15 has a
stack-based buffer overflow via a large directory length.
References:
http://lists.unbit.it/pipermail/uwsgi/2018-February/008835.html
https://nvd.nist.gov/vuln/detail/CVE-2018-6758
Patch:
https://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97a4eef7a3cdcbd85a71247bfe
CVE-2018-7490: uwsgi before 2.0.17 mishandles a DOCUMENT_ROOT check
during use
of the —php-docroot option, allowing directory traversal.
Fixed In Version:
uwsgi 2.0.17
References:
https://uwsgi-docs.readthedocs.io/en/latest/Changelog-2.0.17.html
https://nvd.nist.gov/vuln/detail/CVE-2018-7490
Patch:
https://github.com/unbit/uwsgi/commit/0a480f435ea6feb63deb410ad2bf376ed3f05f8a
(from redmine: issue id 8737, created on 2018-03-26, closed on 2018-03-29)
- Relations:
- copied_to #8733 (closed)
- parent #8733 (closed)
- Changesets:
- Revision 1308713a by Natanael Copa on 2018-03-27T12:45:24Z:
main/uwsgi: security upgrade to 2.0.17 (CVE-2018-6758,CVE-2018-7490)
fixes #8737