USN-5054-1 fixed a vulnerability in uWSGI for Ubuntu 18.04 LTS. This update provides the corresponding fixes for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Felix Wilhelm discovered a buffer overflow flaw in the modproxyuwsgi module. An attacker could use this vulnerability to provoke an information disclosure or potentially remote code execution.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "libapache2-mod-proxy-uwsgi" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "libapache2-mod-proxy-uwsgi-dbg" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "libapache2-mod-proxy-uwsgi-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "libapache2-mod-ruwsgi" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "libapache2-mod-ruwsgi-dbg" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "libapache2-mod-ruwsgi-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "libapache2-mod-uwsgi" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "libapache2-mod-uwsgi-dbg" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "libapache2-mod-uwsgi-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "python-uwsgidecorators" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "python3-uwsgidecorators" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-app-integration-plugins" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-app-integration-plugins-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-core" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-core-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-dbg" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-emperor" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-emperor-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-extra" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-infrastructure-plugins" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-infrastructure-plugins-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-alarm-curl" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-alarm-curl-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-alarm-xmpp" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-alarm-xmpp-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-curl-cron" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-curl-cron-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-emperor-pg" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-emperor-pg-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-erlang" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-erlang-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-fiber" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-fiber-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-geoip" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-geoip-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-graylog2" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-graylog2-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-greenlet-python" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-greenlet-python-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-jvm-openjdk-6" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-jvm-openjdk-6-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-jvm-openjdk-7" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-jvm-openjdk-7-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-jwsgi-openjdk-6" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-jwsgi-openjdk-6-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-jwsgi-openjdk-7" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-jwsgi-openjdk-7-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-ldap" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-ldap-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-lua5.1" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-lua5.1-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-lua5.2" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-lua5.2-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-php" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-php-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-psgi" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-psgi-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-pyerl-python" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-pyerl-python-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-pyerl-python3" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-pyerl-python3-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-python" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-python-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-python3" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-python3-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-rack-ruby1.9.1" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-rack-ruby1.9.1-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-rbthreads" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-rbthreads-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-router-access" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-router-access-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-sqlite3" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-sqlite3-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-v8" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-v8-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-xslt" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugin-xslt-dbgsym" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugins-all" }, { "binary_version": "1.9.17.1-5ubuntu0.1+esm1", "binary_name": "uwsgi-plugins-all-dbgsym" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "libapache2-mod-proxy-uwsgi" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "libapache2-mod-proxy-uwsgi-dbg" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "libapache2-mod-proxy-uwsgi-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "libapache2-mod-ruwsgi" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "libapache2-mod-ruwsgi-dbg" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "libapache2-mod-ruwsgi-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "libapache2-mod-uwsgi" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "libapache2-mod-uwsgi-dbg" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "libapache2-mod-uwsgi-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "python-uwsgidecorators" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "python3-uwsgidecorators" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-app-integration-plugins" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-app-integration-plugins-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-core" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-core-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-dbg" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-emperor" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-emperor-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-extra" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-infrastructure-plugins" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-infrastructure-plugins-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-alarm-curl" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-alarm-curl-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-alarm-xmpp" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-alarm-xmpp-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-asyncio-python" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-asyncio-python-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-asyncio-python3" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-asyncio-python3-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-curl-cron" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-curl-cron-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-emperor-pg" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-emperor-pg-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-fiber" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-fiber-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-gccgo" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-gccgo-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-geoip" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-geoip-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-gevent-python" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-gevent-python-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-glusterfs" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-glusterfs-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-graylog2" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-graylog2-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-greenlet-python" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-greenlet-python-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-jvm-openjdk-8" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-jvm-openjdk-8-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-jwsgi-openjdk-8" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-jwsgi-openjdk-8-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-ldap" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-ldap-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-lua5.1" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-lua5.1-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-lua5.2" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-lua5.2-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-luajit" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-luajit-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-mono" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-mono-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-php" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-php-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-psgi" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-psgi-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-python" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-python-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-python3" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-python3-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-rack-ruby2.3" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-rack-ruby2.3-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-rados" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-rados-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-rbthreads" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-rbthreads-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-ring-openjdk-8" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-ring-openjdk-8-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-router-access" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-router-access-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-servlet-openjdk-8" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-servlet-openjdk-8-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-sqlite3" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-sqlite3-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-tornado-python" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-tornado-python-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-v8" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-v8-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-xslt" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugin-xslt-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugins-all" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-plugins-all-dbgsym" }, { "binary_version": "2.0.12-5ubuntu3.2+esm1", "binary_name": "uwsgi-src" } ] }