CVE-fix for CVE-2023-25434 and CVE-2023-26965 for 4.5.0 was submitted for master which could directly be backported to mickledore too as it has the same version -> https://lists.openembedded.org/g/openembedded-core/message/183408

However, it increases Steve's task to patch if we submit single CVE's. So, better to club and send them.

Regards,
Siddharth