DSA 4233-1: bouncycastle security update
It was discovered that the low-level interface to the RSA key pair generator of Bouncy Castle (a Java implementation of cryptographic algorithms) could perform less Miller-Rabin primality tests than expected.

DSA 4234-1: lava-server security update
Two vulnerabilities were discovered in LAVA, a continuous integration system for deploying operating systems for running tests, which could result in information disclosure of files readable by the lavaserver system user or the execution of arbitrary code via a XMLRPC call.