-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: libpdfbox-java
Version: 1:1.7.0+dfsg-4+deb7u1
CVE ID : CVE-2016-2175
Apache PDFBox did not properly initialize the XML parsers, which
allows context-dependent attackers to conduct XML External Entity
(XXE) attacks
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: libxstream-java
Version: 1.4.2-1+deb7u1
CVE ID : CVE-2016-3674
Debian Bug : 819455
It was discovered that XStream, a Java library to serialize objects to
XML and back again, was susceptible to XML External
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: expat
Version: 2.1.0-1+deb7u4
CVE ID : CVE-2012-6702 CVE-2016-5300
Two related issues have been discovered in Expat, a C library for
parsing XML.
CVE-2012-6702
This issue was introduced when CVE-2012-0876 was