Candidate: CVE-2008-3662
PublicDate: 2008-09-18 18:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3662
Description:
 Gallery before 1.5.9, and 2.x before 2.2.6, does not set the secure flag
 for the session cookie in an https session, which can cause the cookie to
 be sent in http requests and make it easier for remote attackers to capture
 this cookie.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_gallery:
upstream_gallery: released (1.5.9)
dapper_gallery: ignored (reached end-of-life)
feisty_gallery: needs-triage (reached end-of-life)
gutsy_gallery: needs-triage (reached end-of-life)
hardy_gallery: ignored (reached end-of-life)
intrepid_gallery: needs-triage (reached end-of-life)
jaunty_gallery: not-affected (1.5.9-1.2ubuntu1)
karmic_gallery: not-affected (1.5.9-1.2ubuntu1)
lucid_gallery: not-affected (1.5.9-1.2ubuntu1)
maverick_gallery: not-affected (1.5.9-1.2ubuntu1)
natty_gallery: not-affected (1.5.9-1.2ubuntu1)
oneiric_gallery: not-affected (1.5.9-1.2ubuntu1)
devel_gallery: not-affected (1.5.9-1.2ubuntu1)

Patches_gallery2:
upstream_gallery2: released (2.2.6)
dapper_gallery2: ignored (reached end-of-life)
feisty_gallery2: needs-triage (reached end-of-life)
gutsy_gallery2: needs-triage (reached end-of-life)
hardy_gallery2: ignored (reached end-of-life)
intrepid_gallery2: not-affected (2.2.6-1)
jaunty_gallery2: not-affected (2.2.6-1)
karmic_gallery2: not-affected (2.2.6-1)
lucid_gallery2: not-affected (2.2.6-1)
maverick_gallery2: not-affected (2.2.6-1)
natty_gallery2: not-affected (2.2.6-1)
oneiric_gallery2: not-affected (2.2.6-1)
devel_gallery2: not-affected (2.2.6-1)