Debian Linux Security Advisory 4117-1 - This update doesn't fix a vulnerability in GCC itself, but instead provides support for building retpoline-enabled Linux kernel updates.
e4b2192c8126ae4197f2ddc821f2a3332bca2f52cba0338d5eaaffd4e5e41b11
Debian Linux Security Advisory 4116-1 - Krzysztof Sieluzycki discovered that the notifier for removable devices in the KDE Plasma workspace performed insufficient sanitization of FAT/VFAT volume labels, which could result in the execution of arbitrary shell commands if a removable device with a malformed disk label is mounted.
b9ad297c1fade239221a91632993dafc7a1a3ab7197501594a09c15d806c1548