mod_wsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | mod-wsgi | < 4.2.7-1 | mod-wsgi_4.2.7-1_all.deb |
Debian | 11 | all | mod-wsgi | < 4.2.7-1 | mod-wsgi_4.2.7-1_all.deb |
Debian | 10 | all | mod-wsgi | < 4.2.7-1 | mod-wsgi_4.2.7-1_all.deb |
Debian | 999 | all | mod-wsgi | < 4.2.7-1 | mod-wsgi_4.2.7-1_all.deb |
Debian | 13 | all | mod-wsgi | < 4.2.7-1 | mod-wsgi_4.2.7-1_all.deb |