Just incase: you should only download code sources from SAP via Service Market Place, not via transports or external files.
It is also best to use the SOLMAN system recommendations for SAP related security notes. It includes all of them and not just those of specific researchers.
SAP also offers an optional evaluation service. See SAP Note 1839420. Some notes must just go in... others are better options for upgrades or support packs and have mitigation possibilities.
Cheers,
Julius