Debian GNU/Linux 7 Extended LTS:
ELA-11-1 lame security update
Multiple vulnerabilities have been discovered in lame: CVE-2017-9870 CVE-2017-9871 CVE-2017-9872 CVE-2017-15018 CVE-2017-15045 CVE-2017-15046

ELA-12-1 ming security update
Multiple vulnerabilities have been discovered in ming: CVE-2018-11226 CVE-2018-11225 CVE-2018-11100 CVE-2018-11095

Debian GNU/Linux 8 LTS:
DLA 1400-2: tomcat7 regression update
The security update of Tomcat 7 announced as DLA-1400-1 introduced a regression for applications that make use of the Equinox OSGi framework.

DLA 1410-1: python-pysaml2 security update
Pysaml2, a Python implementation of the Security Assertion Markup Language, would accept any password when run with Python optimizations enabled. This allows attackers to log in as any user without knowing their password.