Hi Abhijith I had a brief look at varnish that you have worked on to figure out what the state of the package is.
In buster I can see the following CVEs. CVE-2024-30156 - ignored in bullseye and bookworm because it is too intrusive to backport CVE-2023-44487 - ignored in bullseye and bookworm because it is too intrusive to backport CVE-2019-20637 - looks like it can be backported My question to you is which issue you have tried to address? Is it CVE-2019-20637? Only? If only that, is there any particular reason why CVE-2024-30156 and CVE-44487 have not been ignored for buster as well? Thanks in advance // Ola -- --- Inguza Technology AB --- MSc in Information Technology ---- | o...@inguza.com o...@debian.org | | http://inguza.com/ Mobile: +46 (0)70-332 1551 | ---------------------------------------------------------------
