[SECURITY] [DLA 1931-1] libgcrypt20 security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: libgcrypt20 Version: 1.6.3-2+deb8u6 CVE ID : CVE-2019-13627 Debian Bug : #938938 It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. For Debian 8 "Jessie", this issue has been fixed in libgcrypt20 version 1.6.3-2+deb8u6. We recommend that you upgrade your libgcrypt20 packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl2KOOkACgkQHpU+J9Qx HlhH0Q//TZp2z8s88tMQLVnMT2+/FaLr7zFnha6J1/NT8bydC0NiVom8u1FEdVJY bkPXuJ0FAWohsWkvlTO+EY+8nJTwQxTdxT0WY9QGlUsx8eG84Q+oD72LZHjgM7Cm /wWCxKr2ohwz2ec6Qf0q7++yDSPBHAcQd1vmgr/DkhgYpbtLjBxIty0LuKjTIM/w 0A+JXltrrXUJ5lEdRmCY3aU3fAaP+HpRuS7mNg9cHN9i7Mkb5j7EkopxHhY0kUdP YkdEXTxm/0Ci9iPnA3yqoIdoTaldzK9MK/QRPJZN/GXVlm1QGtMQ743bAAp7jWSS 8MqAtgWCRWiApNW3Rw+OBHIzXLdum5ydngb6c1alABFOCJ/reTT8kv042PI4ellB zxzWHoQQhz4a2Ylha2J6WRoK3dEWi5B9dejajil6dq+z0euiy3oXVmDBSEbOlXas K/jAa6TjEm+/86gVFzUpqJGol4fPwpXsrqi46hwd3teAn8bMYRs6c9h0QgI4bj24 RqFN0V8UixzmmLQRIgOcH4+S1BYcrLqzdoarY6qRthGeb8paGqimYMAI42/6RerB IPPuMqwsND1ysSMjM/r5sTN+6DOGMsuxF7hMmpPjADvPbTdym5iH5CiM6usWWiqS qsNOQhWySJIhsQXLwe32PLbcG+1ElgwwH4NawYQwDRs5xnRvJfM= =YET7 -END PGP SIGNATURE-
[SECURITY] [DLA 1928-1] php5 security update
Package: php5 Version: 5.6.40+dfsg-0+deb8u6 Debian Bug : 805222 An update has been made to php5, a server-side, HTML-embedded scripting language. Specficially, as reported in #805222, the ability to build extensions in certain older versions of PHP within Debian has been hindered by an upstream change which first appeared in PHP 5.6.15. This update applies a fix which restores the ability to build PHP extensions for Debian 8 "jessie" so that a forthcoming PECL extension update can be built and released. For Debian 8 "Jessie", this problem has been fixed in version 5.6.40+dfsg-0+deb8u6. We recommend that you upgrade your php5 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS signature.asc Description: PGP signature