[SECURITY] [DLA 505-1] libpdfbox-java security update

2016-06-08 Thread Markus Koschany
Package: libpdfbox-java
Version: 1:1.7.0+dfsg-4+deb7u1
CVE ID : CVE-2016-2175

Apache PDFBox did not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks

[SECURITY] [DLA 504-1] libxstream-java security update

2016-06-08 Thread Markus Koschany
Package: libxstream-java
Version: 1.4.2-1+deb7u1
CVE ID : CVE-2016-3674
Debian Bug : 819455

It was discovered that XStream, a Java library to serialize objects to XML and back again, was susceptible to XML External

[SECURITY] [DLA 508-1] expat security update

2016-06-08 Thread Markus Koschany
Package: expat
Version: 2.1.0-1+deb7u4
CVE ID : CVE-2012-6702 CVE-2016-5300

Two related issues have been discovered in Expat, a C library for parsing XML.

CVE-2012-6702
This issue was introduced when CVE-2012-0876 was