Package leptonica has been updated to the current stable version 1.75.3 which fixes:
CVE-2018-7186 - multiple stack-based buffer overflows in gplotRead() and ptaReadStream()
CVE-2018-7247 - a buffer overflow in in src/viewfiles.c with unsanitized input (rootname)