Tavis Ormandy discovered that FUSE, a Filesystem in USErspace, does not
scrub the environment before executing mount or umount with elevated
privileges. A local user can take advantage of this flaw to overwrite
arbitrary files and gain elevated privileges by accessing debugging
features via the environment that would not normally be safe for
unprivileged users.

Multiple vulnerabilities were discovered in Zend Framework, a PHP
framework. Except for CVE-2015-3154, all these issues were already fixed
in the version initially shipped with Jessie.

Vadim Melihow discovered that in proftpd-dfsg, an FTP server, the
mod_copy module allowed unauthenticated users to copy files around on
the server, and possibly to execute arbitrary code.

Multiple security issues have been found in Icedove, Debian’s version of
the Mozilla Thunderbird mail client: Multiple memory safety errors,
buffer overflows and use-after-frees may lead to the execution of
arbitrary code, privilege escalation or denial of service.

Jason Geffner discovered a buffer overflow in the emulated floppy
disk drive, resulting in the potential execution of arbitrary code.
This only affects HVM guests.

Multiple vulnerabilities were discovered in libmodule-signature-perl, a
Perl module to manipulate CPAN SIGNATURE files. The Common
Vulnerabilities and Exposures project identifies the following problems:

Multiple security issues have been found in Iceweasel, Debian’s version
of the Mozilla Firefox web browser: Multiple memory safety errors,
buffer overflows and use-after-frees may lead to the execution of
arbitrary code, privilege escalation or denial of service.

Several vulnerabilities were discovered in the qemu virtualisation
solution:

It was discovered that the fix for
CVE-2013-4422 in quassel, a
distributed IRC client, was incomplete. This could allow remote
attackers to inject SQL queries after a database reconnection (e.g.
when the backend PostgreSQL server is restarted).

Jesse Hertz of Matasano Security discovered that Mercurial, a
distributed version control system, is prone to a command injection
vulnerability via a crafted repository name in a clone command.