==========================================================================
Ubuntu Security Notice USN-4022-1
June 19, 2019

Gunicorn vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.04 LTS

Summary:

Gunicorn could allow cross-site scripting (XSS) attacks.

Software Description:
– gunicorn: Python HTTP/WSGI server

Details:

It was discovered that gunicorn improperly handled certain input. An attacker
could potentially use this issue execute a cross-site scripting (XSS) attack.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
gunicorn 19.4.5-1ubuntu1.1
gunicorn3 19.4.5-1ubuntu1.1
python-gunicorn 19.4.5-1ubuntu1.1
python3-gunicorn 19.4.5-1ubuntu1.1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4022-1
CVE-2018-1000164

Package Information:
https://launchpad.net/ubuntu/+source/gunicorn/19.4.5-1ubuntu1.1

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEwZbe96kJeWh2OITRdyg1Qz0oXX0FAl0KlgIACgkQdyg1Qz0o
XX3IOA/+M5HBlRAcM2GK8wX4sZaUIqy9nI75fZpLcO6chpPNtlgNjk5GvFwAUFub
JIKC7uYKMnHC5fKmI1rPPgp1KycLD18y3nVdcBTQH3MMtaK2i7d/ckYf5dJ9gETZ
fLitQzl+fSsWJ54ikenQ3Hj6xF+E8EvoPzBNqGZwQfU4yegPU5XFrY1JFoz0OyMT
EdIMWU0CambuzF6LjleEvZegnK4PhDE5pjfmCEK1Mk5co3hNLaTl87OrpznIyLi8
omok3pvkz+DdLtTx+a8sxDyfYucG9ZiDoODKVpkJF+8HPQPUIhiPcqV7LvUqTdd2
tJ0JWGWs6iNGgO+VJ5oKcid0zFX2h2ETcwmSuafhBWRpn5RzQFtMfcrqbkTXqiOM
z8OC0Ex1qXOhH3zc3Xscg2ZUXc55SFDOj8OV7gG1kXvSm3qqe+drCrHm9NIZa1P/
L4NyzjFj1b8ISFzJR226yxfB6qtwQR5KhjrzTOzytMbIC3kBoBAdtXpbUJXJY0Cd
y1BIxbc58WdPZsmyLEYvMO/dK0FakPCA2mSoeIoQSErmFmEZiXtITclB5fVL3WcZ
Pqk1KLY9C7t0Zy5Vac73VCcXGuSgVLLRUBPF4SzDouqMmnK/qQ2Mgsmql82ag/9G
/zqcnRkkiSvMTRmjngljfmlcfouVqPqAGUMv3bC1CUTc1uY3edA=
=Dxt4
—–END PGP SIGNATURE—–
—