Hi Chris, the work has been done already. Packages with the patches will be uploaded soon.
regards. ---------- Forwarded message --------- From: Chris Frey <cdf...@foursquare.net> Date: Tue, Oct 29, 2024, 08:36 Subject: CVE-2024-6602 & CVE-2024-6609 nss for debian/buster To: <debian-lts@lists.debian.org> Just in case anyone else is in the same boat, here's my preliminary work of copying Bullseye's CVE patches to Buster's libnss. The patch should apply directly to an expanded 'apt-get source libnss3' on Debian Buster. If you want to do it yourself, simply copying these two patch files from bullseye to buster was enough, they applied cleanly. - Chris
