[SECURITY] [DLA 2040-1] harfbuzz security update

2019-12-17 Thread Thorsten Alteholz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package: harfbuzz
Version: 0.9.35-2+deb8u1
CVE ID : CVE-2015-8947

An issue has been found in harfbuzz, an OpenType text shaping engine. Due to a buffer over-read, remote attackers are able to cause a denial of service or

[SECURITY] [DLA 2038-1] libssh security update

2019-12-17 Thread Emilio Pozuelo Monfort
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package: libssh
Version: 0.6.3-4+deb8u4
CVE ID : CVE-2019-14889
Debian Bug : 946548

It was found that libssh, a tiny C SSH library, does not sufficiently sanitize path parameters provided to the server, allowing an