Rust community said the security fixes are only for the current stable relases.<br /><a href="https://internals.rust-lang.org/t/cargo-cve-2022-46176-fix-for-older-releases/18152/3?u=sundeep-kokkonda" target="_blank" rel="noopener">https://internals.rust-lang.org/t/cargo-cve-2022-46176-fix-for-older-releases/18152/3?u=sundeep-kokkonda</a><br />For old release we've to backport the patches ourselves.<br /><br />So, for the Kirkstone &amp; Langdale we've to back port the CVE fix.