MGASA-2022-0182 - Updated python-waitress packages fix security vulnerability

Publication date: 15 May 2022
URL: https://advisories.mageia.org/MGASA-2022-0182.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-24761

When using Waitress versions 2.1.0 and prior behind a proxy that does not
properly validate the incoming HTTP request matches the RFC7230 standard,
Waitress and the frontend proxy may disagree on where one request starts
and where it ends. This would allow requests to be smuggled via the
front-end proxy to waitress and later behavior. There are two classes of
vulnerability that may lead to request smuggling that are addressed by
this advisory: The use of Python’s `int()` to parse strings into integers,
leading to `+10` to be parsed as `10`, or `0x01` to be parsed as `1`,
where as the standard specifies that the string should contain only digits
or hex digits; and Waitress does not support chunk extensions, however it
was discarding them without validating that they did not contain illegal
characters. This vulnerability has been patched in Waitress 2.1.1

References:
- https://bugs.mageia.org/show_bug.cgi?id=30248
- https://ubuntu.com/security/notices/USN-5364-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24761

SRPMS:
- 8/core/python-waitress-2.1.1-1.mga8

Mageia 2022-0182: python-waitress security update

When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy ...

Summary

When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and where it ends. This would allow requests to be smuggled via the front-end proxy to waitress and later behavior. There are two classes of vulnerability that may lead to request smuggling that are addressed by this advisory: The use of Python’s `int()` to parse strings into integers, leading to `+10` to be parsed as `10`, or `0x01` to be parsed as `1`, where as the standard specifies that the string should contain only digits or hex digits; and Waitress does not support chunk extensions, however it was discarding them without validating that they did not contain illegal characters. This vulnerability has been patched in Waitress 2.1.1

References

- https://bugs.mageia.org/show_bug.cgi?id=30248

- https://ubuntu.com/security/notices/USN-5364-1

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24761

Resolution

MGASA-2022-0182 - Updated python-waitress packages fix security vulnerability

SRPMS

- 8/core/python-waitress-2.1.1-1.mga8

Severity
Publication date: 15 May 2022
URL: https://advisories.mageia.org/MGASA-2022-0182.html
Type: security
CVE: CVE-2022-24761

Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved