Bug 1564940 (CVE-2018-1000164) - CVE-2018-1000164 python-gunicorn: Improper neutralization of CRLF Sequences http/wsgi.py:process_headers() can allow an attacker to cause a server to return arbitrary HTTP headers
Summary: CVE-2018-1000164 python-gunicorn: Improper neutralization of CRLF Sequences h...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2018-1000164
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1564941 1567003
Blocks: 1564943
Reported: 2018-04-09 01:33 UTC by Sam Fowler
Modified: 2021-10-21 19:59 UTC (History)
CC: 14 users

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-10-21 19:59:53 UTC
Embargoed:



Description Sam Fowler 2018-04-09 01:33:28 UTC
python-gunicorn before version 19.5.0 has an HTTP response splitting vulnerability in the http/wsgi.py:process_headers() function caused by the improper neutralization of CRLF sequences. An attacker could exploit this to cause a server to return arbitrary HTTP headers.


External References:

https://epadillas.github.io/2018/04/02/http-header-splitting-in-gunicorn-19.4.5


Upstream Issue:

https://github.com/benoitc/gunicorn/issues/1227


Upstream Patch:

https://github.com/benoitc/gunicorn/commit/5263a4ef2a63c62216680876f3813959839608ff

Comment 1 Sam Fowler 2018-04-09 01:33:59 UTC
Created python-gunicorn tracking bugs for this issue:

Affects: epel-6 [bug 1564941]

Comment 2 Joshua Padman 2018-04-09 06:07:06 UTC
The version shipped with OpenStack 12 is 19.7.1 and contains the latest fixes.

