1
Candidate: CVE-2015-2156
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2156
5
http://netty.io/news/2015/05/08/3-9-8-Final-and-3.html
6
https://www.playframework.com/security/vulnerability/CVE-2015-2156-HttpOnlyBypass
7
http://engineering.linkedin.com/security/look-netty%E2%80%99s-recent-security-update-cve%C2%AD-2015%C2%AD-2156
8
https://github.com/slandelle/netty/commit/800555417e77029dcf8a31d7de44f27b5a8f79b8
10
Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before
11
4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before
12
2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies
13
and obtain sensitive information by leveraging improper validation of
14
cookie name and value characters.
18
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796114
19
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793770
20
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646523
26
upstream_netty3.1: needs-triage
27
precise_netty3.1: ignored (reached end-of-life)
28
precise/esm_netty3.1: DNE (precise was needed)
29
trusty_netty3.1: needed
30
vivid_netty3.1: ignored (reached end-of-life)
31
vivid/stable-phone-overlay_netty3.1: DNE
32
vivid/ubuntu-core_netty3.1: DNE
42
upstream_netty: needs-triage
43
precise_netty: ignored (reached end-of-life)
44
precise/esm_netty: DNE (precise was needed)
46
vivid_netty: ignored (reached end-of-life)
47
vivid/stable-phone-overlay_netty: DNE
48
vivid/ubuntu-core_netty: DNE
49
wily_netty: ignored (reached end-of-life)
51
yakkety_netty: ignored (reached end-of-life)
52
zesty_netty: ignored (reached end-of-life)
58
upstream_netty-3.9: needs-triage
59
precise_netty-3.9: DNE
60
precise/esm_netty-3.9: DNE
62
vivid_netty-3.9: ignored (reached end-of-life)
63
vivid/stable-phone-overlay_netty-3.9: DNE
64
vivid/ubuntu-core_netty-3.9: DNE
65
wily_netty-3.9: ignored (reached end-of-life)
66
xenial_netty-3.9: needed
67
yakkety_netty-3.9: ignored (reached end-of-life)
68
zesty_netty-3.9: ignored (reached end-of-life)
69
artful_netty-3.9: needed
70
bionic_netty-3.9: needed
71
devel_netty-3.9: needed