Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

2.0.22 backports #2547

Merged
merged 10 commits into from
Jul 25, 2023
Merged

2.0.22 backports #2547

merged 10 commits into from
Jul 25, 2023

Conversation

xrmx
Copy link
Collaborator

@xrmx xrmx commented Jul 25, 2023

No description provided.

YoungZiyi and others added 10 commits July 25, 2023 15:40
…ation

HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi.
Special characters in the origin response header can truncate/split the response forwarded to the client.

Fix unbit#2538

origin: https://github.com/apache/httpd/commit/d753ea76b5972a85349b68c31b59d04c60014f2d.patch
bug-cve: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522
Since ubuntu 18.04 is gone. While at it remove deadsnakes install on
rake job.
The rack/ruby plugin code references rb_obj_taint(), which has been
removed from Ruby 3.2. The function has been deprecated for a long time,
and hasn't been doing anything useful since Ruby 2.7.

Fix unbit#2532
It does not build with recent v8 so disable it.
Remove plugin that does not build anymore.
@xrmx xrmx merged commit aba6903 into unbit:uwsgi-2.0 Jul 25, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants