Vulnerable shared libraries might make ndsi vulnerable. Can you help upgrade to patch versions?

[MikeWazoWski123]

Hi, @papr , @romanroibu , I'd like to report a vulnerability issue in ndsi_1.4.4.

Dependency Graph between Python and Shared Libraries

Issue Description

As shown in the above dependency graph(here shows part of the dependency graph, which depends on vulnerable shared libraries), ndsi_1.4.4 directly or transitively depends on 39 C libraries (.so). However, I noticed that some C libraries are vulnerable, containing the following CVEs:
libgmp-ddfbe7bc.so.10.4.0 from C project gmp(version:6.2.0) exposed 1 vulnerabilities:
CVE-2021-43618
libhogweed-f1d5fd82.so.6.0 and libnettle-b828a3d9.so.8.0 from C project nettle(version:<=3.7) exposed 1 vulnerabilities:
CVE-2021-3580
libturbojpeg-88df157c.so.0.1.0 from C project libjpeg-turbo(version:1.4.2) exposed 1 vulnerabilities:
CVE-2018-14498
libuuid-f64cda11.so.1.3.0 from C project util-linux(version:2.27.1) exposed 3 vulnerabilities:
CVE-2018-7738, CVE-2021-37600, CVE-2016-5011
libxml2-22ad8dfa.so.2.9.10 from C project libxml2(version:2.9.10) exposed 7 vulnerabilities:
CVE-2019-20388, CVE-2020-7595, CVE-2021-3541, CVE-2021-3537, CVE-2021-3518, CVE-2021-3517, CVE-2020-24977

Suggested Vulnerability Patch Versions

No official patch version released, but gmp has fixed the vulnerability in patch.
nettle has fixed the vulnerabilities in versions >=3.7.3
libjpeg-turbo has fixed the vulnerabilities in versions >=2.0.0
util-linux has fixed the vulnerabilities in versions >=2.37.2
libxml2 has fixed the vulnerabilities in versions >=2.9.11

Python build tools cannot report vulnerable C libraries, which may induce potential security issues to many downstream Python projects.
As a popular python package (ndsi has 3,409 downloads per month), could you please upgrade the above shared libraries to their patch versions?

Thanks for your help~
Best regards,
MikeWazowski