CVE-2015-2156: Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters.
Please fix it.
Last update: 2019-07-07
Standards version of the package is outdated.
The package should be updated to follow the last version of Debian Policy
(Standards-Version 4.4.0 instead of