1
Candidate: CVE-2008-3662
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3662
6
Gallery before 1.5.9, and 2.x before 2.2.6, does not set the secure flag
7
for the session cookie in an https session, which can cause the cookie to
8
be sent in http requests and make it easier for remote attackers to capture
18
upstream_gallery: released (1.5.9)
19
dapper_gallery: ignored (reached end-of-life)
20
feisty_gallery: needs-triage (reached end-of-life)
21
gutsy_gallery: needs-triage (reached end-of-life)
22
hardy_gallery: ignored (reached end-of-life)
23
intrepid_gallery: needs-triage (reached end-of-life)
24
jaunty_gallery: not-affected (1.5.9-1.2ubuntu1)
25
karmic_gallery: not-affected (1.5.9-1.2ubuntu1)
26
lucid_gallery: not-affected (1.5.9-1.2ubuntu1)
27
maverick_gallery: not-affected (1.5.9-1.2ubuntu1)
28
natty_gallery: not-affected (1.5.9-1.2ubuntu1)
29
oneiric_gallery: not-affected (1.5.9-1.2ubuntu1)
30
devel_gallery: not-affected (1.5.9-1.2ubuntu1)
33
upstream_gallery2: released (2.2.6)
34
dapper_gallery2: ignored (reached end-of-life)
35
feisty_gallery2: needs-triage (reached end-of-life)
36
gutsy_gallery2: needs-triage (reached end-of-life)
37
hardy_gallery2: ignored (reached end-of-life)
38
intrepid_gallery2: not-affected (2.2.6-1)
39
jaunty_gallery2: not-affected (2.2.6-1)
40
karmic_gallery2: not-affected (2.2.6-1)
41
lucid_gallery2: not-affected (2.2.6-1)
42
maverick_gallery2: not-affected (2.2.6-1)
43
natty_gallery2: not-affected (2.2.6-1)
44
oneiric_gallery2: not-affected (2.2.6-1)
45
devel_gallery2: not-affected (2.2.6-1)