CVE-2022-40023 affecting package python-mako for versions less than 1.2.2-1

CVE-2022-40023 affecting package python-mako for versions less than 1.2.2-1. An upgraded version of the package is available that resolves this issue...

Debian DLA-2654-1 : composer security update

It was discovered that composer, a dependency manager for PHP, did not properly sanitize Mercurial URLs, which could lead to arbitrary code execution. For Debian 9 stretch, this problem has been fixed in version 1.2.2-1+deb9u1. We recommend that you upgrade your composer packages. For the detaile...