[pkg-uWSGI-devel] Bug#995368: libapache2-mod-proxy-uwsgi - CVE-2021-36160 regression, altered PATH_INFO
Sylvain Beucler
beuc at beuc.net
Tue Oct 5 17:41:37 BST 2021
tags 995368 + upstream
forwarded 995368 https://bz.apache.org/bugzilla/show_bug.cgi?id=65616
thanks
Note: there doesn't seem to be actual path duplication at the UWSGI
level, AFAICS Django just gets confused by the additional '/' at the
start of PATH_INFO and incorrectly duplicates the path in the debug
error page.
More information about the pkg-uWSGI-devel
mailing list