Project

General

Profile

Actions

Bug #11352

closed

Foreman 1.7.5 CVE-2015-3155 - The _session_id cookie is issued without the Secure flag

Added by Brian Lee over 8 years ago. Updated almost 7 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
-
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

The 1.7.5 branch has the same security issue as this: http://projects.theforeman.org/issues/10275


Related issues 1 (0 open1 closed)

Related to Foreman - Bug #10275: CVE-2015-3155 - The _session_id cookie is issued without the Secure flagClosedShlomi Zadok04/27/2015Actions
Actions #1

Updated by Dominic Cleal over 8 years ago

  • Related to Bug #10275: CVE-2015-3155 - The _session_id cookie is issued without the Secure flag added
Actions #2

Updated by Dominic Cleal over 8 years ago

Currently I have no plan to release a new 1.7 minor release due to the availability of 1.8.1 or 1.9, which contain fixes, and the lower severity of the issue.

The top of http://theforeman.org/security.html has a summary of when you can expect fixes to be released.

Actions #3

Updated by Anonymous almost 7 years ago

  • Status changed from New to Rejected
Actions

Also available in: Atom PDF