Hey. Haven't looked into the details yet, but at least heise[0] (German, use Google Translate or so) claims now that CVE-2025-5914 has been changed to a critical CVSS value.
So it might be necessary to get the fixes also into bookworm. Cheers, Chris. [0] https://www.heise.de/news/libarchive-Sicherheitsluecke-entpuppt-sich-als-kritisch-10516447.html
