Composer is proven dependency management tool in PHP. Just mention application's all specifications and dependencies in composer.json and run "composer install". Composer locates, validates, downloads and loads the specified packages and ensures that exactly the right versions for each package is used.
Drupal's security advisory has announced the patches to fix 2 moderate and 2 less critical vulnerabilities in Drupal 7x and 8x versions. One of the moderately critical vulnerability patch is related to DoS loop holes. Its highly recommended to update your Drupal site to respective 7.52 and 8.2.3. Notably Drupal 8.2.3 includes only security patches.
Ubuntu 16.10 Yakkety Yak has been released and available for the end user through its various flavors. Importantly we should also note that this is not an LTS version and will have a support only for next 9 months till July 2017.