It was discovered that there was a remote denial-of-service (DoS) vulnerability in memcached, a high-performance memory object caching system. The try_read_command function allowed remote attackers to cause a DoS via a
Since the release of the last Debian stable release ("stretch"), Debian LTS ("wheezy") has been renamed "oldoldstable", which broke the unattended-upgrades package as described in bug #867169. Updates would simply not be performed anymore.
from the Google Security Team discovered that the Evince document viewer made insecure use of tar when opening tar comic book archives (CBT). Opening a malicious CBT archive could result in the execution of arbitrary code. This update disables the CBT format entirely.
libmtp, a library for communicating with MTP aware devices (like cellular phones and audio players), was found to be vulnerable to several integer overflow vulnerabilities, which allowed malicious devices to cause denial of service crashes and maybe remote code
Robert ÅšwiÄ™cki discovered that the value placeholder in [Proxy-]Authorization Digest headers were not initialized or reset before or between successive key=value assignments in Apache 2's mod_auth_digest module