Libgcrypt20, Firefox, MariaDB, Simplesamlphp, Mosquitto Updates for Debian

The following updates have been released for Debian GNU/Linux 8 LTS:

DLA 1405-1: libgcrypt20 security update
It was discovered that Libgcrypt is prone to a local side-channel attack allowing recovery of ECDSA private keys.

DLA 1406-1: firefox-esr security update
Several security issues have been found in the Mozilla Firefox web browser: multiple memory safety errors and other implementation errors may lead to the execution of arbitrary code, denial of service, cross-site request forgery or information disclosure.

DLA 1407-1: mariadb-10.0 security update
Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.35.

DLA 1408-1: simplesamlphp security update
This update addresses two security issues.

DLA 1409-1: mosquitto security update
This update avoids extraordinary memory consumption caused by a crafted CONNECT packet from an unauthenticated client. It also avoids falling back to default config values after the configuration is reloaded by a SIGHUP signal when all sockets/file descriptors are exhausted.