Hi,

On 13/07/2026 17:43, Jacob Barthelmeh wrote:
Thanks Bastian, Utkarsh and Sylvain,

My goal is to clear out any remaining high severity issues and provide better 
responsiveness for back porting during future releases of wolfSSL. At least for 
the 5.7.2 (Trixie) and 5.5.4 (bookworm) versions, I need to see if there are 
others I’ve fallen behind on that are still relevant. It will take awhile to 
get the remaining bookworm issues resolved though, but I am hoping to clear off 
the most recent ones first to get the CVE back porting Debian process down well.

Before I had focused in on only the new testing/SID bundles and the LTS support 
had fallen behind, sorry for that. Completely understand if holding off before 
reversing the EOL on bookworm, but it is our plans to better support the LTS 
versions going forward. Maybe you could wait and see how the next couple 
wolfSSL releases are handled by us? We target a release roughly every 3 months.

I have noticed that trixie is still affected by these (and other) CVEs. What is the plan for it going forward? Ideally the fixes are applied there as well.

Cheers,
Emilio

Reply via email to