Bug#885338: undertow: CVE-2017-7559: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)

Markus Koschany apo at debian.org
Fri Mar 2 18:09:10 UTC 2018


Control: forwarded -1 https://issues.jboss.org/browse/UNDERTOW-1251

It seems this issue is tracked at

https://issues.jboss.org/browse/UNDERTOW-1251

However the bug report appears to be a duplicate of UNDERTOW-1101 which
was CVE-2017-2666 last year. I added a comment and hope that someone can
clarify the situation.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20180302/f37cc61d/attachment.sig>


More information about the pkg-java-maintainers mailing list