Debian-LTS has updated bozohttpd
(two vulnerabilities, one from 2014), ruby-mail (SMTP injection), and xymon (multiple vulnerabilities). Also, the Debian-LTS team has announced that some packages will not be
supported (libv8, mediawiki, sogo, and vlc) for Debian 7 (“wheezy”),
so users of those should upgrade to Debian 8 (“jessie”).
Red Hat has updated rh-mariadb100-mariadb (RHSC: many vulnerabilities).