Bug#995368: Bug in Package: libapache2-mod-proxy-uwsgi

To: submit@bugs.debian.org
Subject: Bug#995368: Bug in Package: libapache2-mod-proxy-uwsgi
From: Philippe Accorsi <philippe.accorsi@algoo.fr>
Date: Thu, 30 Sep 2021 13:34:02 +0200
Message-id: <[🔎] 518d409b-7a33-a207-c4ba-2263252d36d7@algoo.fr>
Reply-to: philippe.accorsi@algoo.fr, 995368@bugs.debian.org

Package: libapache2-mod-proxy-uwsgi
Version: 2.0.14+20161117-3+deb9u4_amd64

Hi,

Since the last security update of this package, we can use us application because url is visible two time (ex: /api/auth/login (with old package version) => /api/auth/login/api/auth/login (with new package version)).
We build docker image with OS Debian Stretch and yesterday (2021/09/29 at 12 UTC) everything works good (building image and running application), but yesterday night, after the last build of docker image, the new version of the package is done.
Since this modification, we can't use us application.

I have tried this:

wget http://security.debian.org/debian-security/pool/updates/main/u/uwsgi/libapache2-mod-proxy-uwsgi_2.0.14+20161117-3+deb9u3_amd64.deb
dpkg -i libapache2-mod-proxy-uwsgi_2.0.14+20161117-3+deb9u3_amd64.deb
service stop apache2
service stop uwsgi
service start apache2
service start uwsgi

After that us application is working again.
I not seen why this security fix https://linuxsecurity.com/advisories/deblts/debian-lts-dla-2768-1-uwsgi-security-update-17-53-04 create this kind of bug.

What can be done to solved this "regression" ?

Thanks in advance.
Best regards
Philippe Accorsi

Reply to:

Prev by Date: Przekierowanie ruchu na stronie
Previous by thread: Przekierowanie ruchu na stronie
Index(es):
- Date
- Thread