Both are SECURITY fixes.
For 009_ppp, the description is:
Buffer overflow in ppp command prompt parsing.
For 010_openssh, the description is:
sshd(8) would execute ~/.ssh/rc even when a sshd_config(5) ForceCommand directive was in effect, allowing users with write access to this file to execute arbitrary commands. This behaviour was documented, but was an unsafe default and an extra hassle for administrators.
I've made binpatches for i386, amd64 and sparc64.