[b]Debian GNU/Linux 8:[/b]
DSA 4224-1: gnupg security update
Marcus Brinkmann discovered that GnuGPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the verification status of a signed email.

[b]Debian GNU/Linux 8 and 9:[/b]
DSA 4220-1: firefox-esr security update
Ivan Fratric discovered a buffer overflow in the Skia graphics library used by Firefox, which could result in the execution of arbitrary code.

DSA 4221-1: libvncserver security update
Alexander Peslyak discovered that insufficient input sanitising of RFB packets in LibVNCServer could result in the disclosure of memory contents.

DSA 4222-1: gnupg2 security update
Marcus Brinkmann discovered that GnuGPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the verification status of a signed email.

[b]Debian GNU/Linux 9:[/b]
DSA 4223-1: gnupg1 security update
Marcus Brinkmann discovered that GnuGPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the verification status of a signed email.