Debian Linux Security Advisory 3826-1 - It was discovered that the original patch to address CVE-2016-1242 did not cover all cases, which may result in information disclosure of file contents.
3423ca8a87e8fac614d9a76b1e45fc9a2696b78b085f209930549e16ff84f355