-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: libgcrypt20
Version: 1.6.3-2+deb8u6
CVE ID : CVE-2019-13627
Debian Bug : #938938
It was discovered that there was a ECDSA timing attack in the
libgcrypt20 cryptographic library.
For Debian 8 "Jessie", this
Package: php5
Version: 5.6.40+dfsg-0+deb8u6
Debian Bug : 805222
An update has been made to php5, a server-side, HTML-embedded scripting
language. Specficially, as reported in #805222, the ability to build
extensions in certain older versions of PHP within Debian has been