1
Candidate: CVE-2014-9015
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9015
5
https://www.drupal.org/SA-CORE-2014-006
7
Drupal 6.x before 6.34 and 7.x before 7.34 allows remote attackers to
8
hijack sessions via a crafted request, as demonstrated by a crafted request
9
to a server that supports both HTTP and HTTPS sessions.
13
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770469
19
upstream_drupal7: released (7.32-1+deb8u1)
21
precise_drupal7: ignored (reached end-of-life)
22
precise/esm_drupal7: DNE (precise was needed)
23
trusty_drupal7: needed
24
utopic_drupal7: released (7.32-1+deb8u4build0.14.10.1)
25
vivid_drupal7: not-affected (7.32-1+deb8u3)
26
vivid/stable-phone-overlay_drupal7: DNE
27
vivid/ubuntu-core_drupal7: DNE
28
wily_drupal7: not-affected (7.32-1+deb8u3)
29
xenial_drupal7: not-affected (7.32-1+deb8u3)
30
yakkety_drupal7: not-affected (7.32-1+deb8u3)
31
zesty_drupal7: not-affected (7.32-1+deb8u3)
32
artful_drupal7: not-affected (7.32-1+deb8u3)
37
upstream_drupal6: needs-triage
38
lucid_drupal6: ignored (reached end-of-life)
39
precise_drupal6: ignored (reached end-of-life)
40
precise/esm_drupal6: DNE (precise was needed)
44
vivid/stable-phone-overlay_drupal6: DNE
45
vivid/ubuntu-core_drupal6: DNE