[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: libapache2-mod-proxy-uwsgi - CVE-2021-36160 regression, altered PATH_INFO

tags 995368 + upstream
forwarded 995368 https://bz.apache.org/bugzilla/show_bug.cgi?id=65616

Note: there doesn't seem to be actual path duplication at the UWSGI level, AFAICS Django just gets confused by the additional '/' at the start of PATH_INFO and incorrectly duplicates the path in the debug error page.

Reply to: