Bug#454529: CVE-2007-5615: CRLF injection vulnerability
Steffen Joeris
steffen.joeris at skolelinux.de
Wed Dec 5 22:37:42 UTC 2007
Package: jetty
Severity: normal
Tags: security
Hi
The following CVE[0] has been issued against jetty:
CVE-2007-5615:
CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows
remote attackers to inject arbitrary HTTP headers and conduct HTTP
response splitting attacks via unspecified vectors.
Please mention the CVE id in the changelog, when you fix this bug.
Thanks for your efforts.
Cheers
Steffen
[0]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5615
More information about the pkg-java-maintainers
mailing list