Le 9/01/2017 à 23:37, Moritz Muehlenhoff a écrit :
> This is unfixed with a patch for nearly 1.5 years, can we please get this
> fixed for the stretch release.
Hi Moritz,
Thank you for the reminder. The fix was backported in the version 3.9.7.
I'll update the package to the latest 3.9.x version.
severity 793770 grave
thanks
On Mon, Jul 27, 2015 at 11:51:53AM +0200, Luca Bruno wrote:
> Source: netty-3.9
> Version: 3.9.0.Final-1
> Severity: important
> Tags: security upstream patch
>
> LinkedIn Security Team discovered a "Cookie" header parsing bug in Netty
> that could lead to universal b
Source: netty-3.9
Version: 3.9.0.Final-1
Severity: important
Tags: security upstream patch
LinkedIn Security Team discovered a "Cookie" header parsing bug in Netty
that could lead to universal bypass of the HttpOnly flag on cookies.
If the HttpOnly flag is included in the HTTP Set-Cookie response
3 matches
Mail list logo