On Mon, May 17, 2021 at 11:54:05AM +0200, Ola Lundqvist wrote:
> Hi firmware-nonfree maintainers
>
> I have a question from an LTS perspective about the possible security
> updates we have for the firmware-nonfree package.
>
> You can find them here:
> https://security-tracker.debian.org/tracker/source-package/firmware-nonfree
Did you even look at the CVEs in question? CVE-2020-1236[2,3,4] need
a kernel patch to actually allow to use the new firmware and that patch
isn't present in 4.19 (and ofc also not in 4.9)
Cheers,
Moritz
