Comment 2 for bug 1957716

The patches for CVE-2021-43860 (aka GHSA-qpjc-vq3c-572j) include some test-cases, which are run during build and as part of the autopkgtest.

There is currently no automated test coverage for GHSA-8ch7-5j3h-g4fx.

If possible I would recommend upgrading to 1.12.3 and 1.10.6, rather than backporting individual commits. The stable-branches are specifically there to be used by downstream distributions that want bugfix-only updates.