Hi, thanks for this information. We do not have buster under the LTS control yet. But your information about possible vulnerable libxslt is important. We will try to check it.
Regards Anton Am Fr., 29. Juli 2022 um 06:31 Uhr schrieb Akira Shibakawa < arabishi...@gmail.com>: > Hi, > CVE-2019-5815 and CVE-2021-30560 are vulnerabilities of libxslt > included in chromium source code as third-party code. > And not only chromium but also libxslt upstream has already fixed them. > https://gitlab.gnome.org/GNOME/libxslt/-/commit/08b62c258 > https://gitlab.gnome.org/GNOME/libxslt/-/commit/50f9c9cd3 > > Because libxslt in debian buster is older than the fixed version in > upstream, these bugs are still present in debian buster. > Is there any plans to fix them in debian buster ? > (I am wonder why these CVEs are linked to only chromium, not libxslt.) > >