Control: tag -1 wontfix Control: close -1 Hi,
On Sun, Jul 05, 2026 at 04:45:35AM +0530, Utkarsh Gupta wrote: > node-lodash is affected by 3 open CVEs (CVE-2025-13465, CVE-2026-2950, > and CVE-2026-4800). This has been fixed in sid, forky, and bullseye. > Only bookworm and trixie remain, as shown in the tracker: Unfortunately this is too late now for the final point release of bookworm on 11 July 2026, unless it is critically urgent. Thanks, -- Jonathan Wiltshire [email protected] Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1

