-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: evince
Version: 3.4.0-3.1+deb7u2
CVE ID : CVE-2017-1000159
It was discovered that there was an arbitrary command injection in the
evince PDF viewer.
A specially-crafted embedded DVI filename could be exploited to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: xrdp
Version: 0.5.0-2+deb7u2
CVE ID : CVE-2017-16927
The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager
in xrdp uses an untrusted integer as a write length, which allows local users
to