From ${URL} : uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal. Upstream Changelog: https://uwsgi-docs.readthedocs.io/en/latest/Changelog-2.0.17.html @maintainer(s): since the fixed package is already in the tree, please let us know if it is ready for the stabilization or not.
Thanks ago Non vulnerable ebuild version uwsgi-2.0.17 is in tree Please proceed with stabilizing package list?
@arches, please stabilize.
amd64 stable
x86 stable
GLSA Vote: No @maintainer, please clean the vulnerable version.
done, vulnerable removed from tree! thanks everyone