From Sean Whitton@21:1/5 to All on Sun Dec 24 10:30:01 2023
Hello,
I have taken responsibility for fixing these CVEs in libssh in buster,
as part of Freexian-funded LTS work. I would like to see if I can help
get them fixed in bullseye & bookworm in parallel, to avoid a situation
where they're fixed in buster but not fixed in releases to which LTS
users might soon upgrade their machines.
I see the fixes are all in sid. Are you expecting to issue DSAs for
bullseye and bookworm? I would be grateful for some information on the
sec team's plans for these fixes.