-
uwsgi (2.0.15-10.2ubuntu2.2) bionic-security; urgency=medium
* SECURITY UPDATE: Buffer Overflow Vulnerability
- debian/patches/CVE-2020-11984.patch: Error out on HTTP header larger
than 16K.
- CVE-2020-11984
-- Paulo Flabiano Smorigo <email address hidden> Fri, 20 Aug 2021 13:49:27 +0000
-
uwsgi (2.0.15-10.2ubuntu2.1) bionic-security; urgency=medium
* SECURITY UPDATE: Directory traversal
- debian/patches/CVE-2018-7490.patch: enforce php default document_root
behaviour, to not show external files
- CVE-2018-7490
* Add gccgo-7 as build-depends to avoid FTBFS
- This fix was taken from 2.0.15-11
-- Mike Salvatore <email address hidden> Thu, 27 Sep 2018 13:50:27 -0400
-
uwsgi (2.0.15-10.2ubuntu2) bionic; urgency=high
* No change rebuild against ruby-defaults without ruby2.3 support.
-- Dimitri John Ledkov <email address hidden> Thu, 01 Mar 2018 09:36:28 +0000
-
uwsgi (2.0.15-10.2ubuntu1) bionic; urgency=medium
* Migrate to ruby 2.5.
-- Steve Langasek <email address hidden> Wed, 28 Feb 2018 22:25:56 +0000
-
uwsgi (2.0.15-10.2build1) bionic; urgency=medium
* No-change rebuild against libcurl4
-- Steve Langasek <email address hidden> Wed, 28 Feb 2018 08:54:13 +0000
-
uwsgi (2.0.15-10.2) unstable; urgency=medium
* Non-maintainer upload.
* Stack-based buffer overflow in uwsgi_expand_path function (CVE-2018-6758)
(Closes: #889753)
-- Salvatore Bonaccorso <email address hidden> Fri, 09 Feb 2018 21:35:00 +0100
-
uwsgi (2.0.15-10.1build2) bionic; urgency=high
* No change rebuild against openssl1.1.
-- Dimitri John Ledkov <email address hidden> Wed, 07 Feb 2018 11:35:32 +0000
-
uwsgi (2.0.15-10.1build1) bionic; urgency=medium
* No-change rebuild for ruby2.5 update.
-- Matthias Klose <email address hidden> Thu, 01 Feb 2018 19:14:33 +0000
-
uwsgi (2.0.15-10.1) unstable; urgency=medium
* Non-maintainer upload.
* Adds 2to3 as build-depends (Closes: #884671).
-- Thomas Goirand <email address hidden> Wed, 24 Jan 2018 13:23:23 +0000
-
uwsgi (2.0.15-10) unstable; urgency=medium
* Simplify packaging by offloading some parts to separate source:
+ Stop build plugins for PHP.
+ Drop binary package uwsgi-plugin-php.
+ Stop build-depend on php-dev libphp-embed.
* Fix debhelper snippet to skip (not fail) on non-uwsgi-plugin
packages.
* Fix have uwsgi-dev depend on libbsd-dev on kFreeBSD.
Closes: Bug#877801. Thanks to Aaron M. Ucko.
* Fix recent changelog entries coverage of changes to package
relations and provided binary packages.
* Use package priority optional (not extra: obsolete).
* Declare compliance with Debian Policy 4.1.1.
-- Jonas Smedegaard <email address hidden> Fri, 20 Oct 2017 16:13:39 +0200
-
uwsgi (2.0.15-2.1ubuntu3) bionic; urgency=medium
* No-change rebuild for boost soname change.
-- Matthias Klose <email address hidden> Thu, 26 Oct 2017 17:25:36 +0000
-
uwsgi (2.0.15-2.1ubuntu2) artful; urgency=medium
* No-change rebuild for perl 5.26.0.
-- Matthias Klose <email address hidden> Wed, 26 Jul 2017 20:13:35 +0000