diff options
| author | Bastien Roucariès <rouca@debian.org> | 2024-04-26 19:00:52 +0000 |
|---|---|---|
| committer | Bastien Roucariès <rouca@debian.org> | 2024-04-26 19:00:52 +0000 |
| commit | 55ad4073e1d300aca8d2f10fee697b78a693e02a (patch) | |
| tree | 6f92bea32a664970252f09875a7968890ae61575 | |
| parent | ab7d3d8bc9680961a0e25552eaddfd4eb7c1ba5b (diff) | |
CVE-2024-24795/uwsgi
Add uwsgi due to embeded source of apache2 module
| -rw-r--r-- | data/CVE/list | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list index 1c818dba06..83a26e6c51 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -6609,11 +6609,14 @@ CVE-2024-26745 (In the Linux kernel, the following vulnerability has been resolv CVE-2024-24795 (HTTP Response splitting in multiple modules in Apache HTTP Server allo ...) {DSA-5662-1} - apache2 2.4.59-1 (bug #1068412) + - uwsgi <unfixed> (unimportant) NOTE: https://www.openwall.com/lists/oss-security/2024/04/04/5 NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-24795 NOTE: https://github.com/apache/httpd/commit/a29723ce1af75eed0813c3717d3f6dee9b405ca8 NOTE: Fix will trigger a regression at least in fossil see https://bz.apache.org/bugzilla/show_bug.cgi?id=68905 NOTE: Fossil fix here: https://fossil-scm.org/home/info/f4ffefe708793b03 + NOTE: uwsgi include sources of uwgi apache2 module. Since buster we compile the uwsgi module of apache2 source package. + NOTE: https://github.com/unbit/uwsgi/issues/2635 CVE-2023-38709 (Faulty input validation in the core of Apache allows malicious or expl ...) {DSA-5662-1} - apache2 2.4.59-1 (bug #1068412) |