-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: texlive-base
Version: 2012.20120611-5+deb7u1
CVE ID : CVE-2016-10243
The TeX system allows for calling external programs from within the TeX
source code. This has been restricted to a small set of programs since a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: freetype
Version: 2.4.9-1.1+deb7u4
CVE ID : CVE-2016-10244
Debian Bug : #856971
It was discovered that there was a denial of service vulnerability in freetype,
a font rendering library.
The parse_charstrings
