Netty 3.9.8.Final and 3.10.3.Final released
I'm happy to announce the release of Netty 3.9.8.Final and 3.10.3.Final.
These releases contain a possible security fix and a few minor changes.
- Validate cookie name and value characters (#3754)
As always, please let us know if you find any issues. We love feedback!
Validate cookie name and value characters
This problem was discovered by the LinkedIn Security Team and could lead to security problems due the improper parsing of Cookies (without strict validating).
Every idea and bug-report counts and so we thought it is worth mentioning those who helped in this area. Please report an unintended omission.
A special thank you to the LinkedIn Security Team for reporting the possible security bug.