libxslt: some CVEs not fixed in debian buster

Hi, CVE-2019-5815 and CVE-2021-30560 are vulnerabilities of libxslt included in chromium source code as third-party code. And not only chromium but also libxslt upstream has already fixed them. https://gitlab.gnome.org/GNOME/libxslt/-/commit/08b62c258 https://gitlab.gnome.org/GNOME/libxslt/-/commit

net-snmp: Some MIB files in upstream aren't included.

Hi. Why some MIB files in upstream are not included in debian net-snmp? For example, although v5.4.3 in upstream[1] has DISMAN-EVENT-MIB.txt, in debian it has been removed at the revision "Imported Upstream version 5.4.3~dfsg"[2]. Is it because the removed MIB files don't satisfy DFSG? Or, is there