Thanks Bastian, will take a look at adding the patches on 4.6.0+p1-0+deb11u1.
From: Bastian Germann<mailto:b...@debian.org> Sent: Friday, November 25, 2022 5:25 AM To: 1023...@bugs.debian.org<mailto:1023...@bugs.debian.org>; sirkilam...@msn.com<mailto:sirkilam...@msn.com> Subject: Re: Bug#1023697: Keep out of testing On Tue, 15 Nov 2022 15:27:54 -0800 Felix Lechner <felix.lech...@lease-up.com> wrote: > On Tue, Nov 8, 2022 at 12:00 PM Moritz Muehlenhoff <j...@debian.org> wrote: > > > > open security issues > > I also just uploaded a backport for bullseye. It would be great to address the CVEs with patches on 4.6.0+p1-0+deb11u1. This would actually be helpful and will maybe convince the Security Team to keep wolfSSL in bookworm. I am not able to identify the fixes for the CVEs quickly but I see that Jacob is affiliated with wolfSSL Inc. so he is probably better equipped to do so. Jacob, would you please do those CVE fix backports?
