-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: phpmyadmin
Version: 4:3.3.7-11
CVE ID : CVE-2016-2039 CVE-2016-2041
Several flaws were discovered in the CSRF authentication code of
phpMyAdmin.
CVE-2016-2039
The XSRF/CSRF token is generated with a weak
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: prosody
Version: 0.7.0-1squeeze1+deb6u2
CVE ID : CVE-2016-0756
The flaw allows a malicious server to impersonate the vulnerable domain
to any XMPP domain whose domain name includes the attacker's domain as a
suffix.