(Apr 16) Marcin Noga discovered multiple vulnerabilities in readxl, a GNU R package to read Excel files (via the integrated libxls library), which could result in the execution of arbitrary code if a malformed spreadsheet is processed.
(Apr 17) The Citrix Security Response Team discovered that corosync, a cluster engine implementation, allowed an unauthenticated user to cause a denial-of-service by application crash.
(Apr 25) **Version 1.6.4** – 2018-04-13 * Security fixes in some edge case scenarios, recommended update for all users * Fixed regression in version guessing of path repositories * Fixed removing aliased packages from the repository, which might resolve some odd update bugs * Fixed updating of package URLs for GitLab * Fixed run-script –list failing when script handlers were defined * Fixed
(Apr 27) Updated Boost libraries are available that fix compatibility with CUDA 9.x compilers and fix a possible integer overflow in Boost.Regex.
(Apr 17) Several security issues were fixed in Perl.