Bug#850105: RM: sogo/2.2.9+git20141017-1

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#850105: RM: sogo/2.2.9+git20141017-1
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 04 Jan 2017 07:39:26 +0100
Message-id: <[🔎] 20170104063926.10525.14291.reportbug@lorien.valinor.li>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 850105@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: rm

Hi Stable release managers,

sogo in the 2.x series is security-wise unsupportable (confirmed as
well by Jeroen). It is affected by several CVEs which are unfixed in
stable as well.

Could you please remove sogo from stable in the next point release?

I know it is a seprate thing, so take this just as comment: Stretch as
well ideally should not contain any 2.x version, that one should be
autoremoved again in some days. Unclear if the situation would be
different for 3.x.

Regards,
Salvatore

Reply to:

Follow-Ups:
- Bug#850105: marked as done (RM: sogo -- RoST; multiple security issues)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#850094: Please do not remove packages which FTBFS randomly yet
Next by Date: Processed: Re: Bug#849020: jessie-pu: package systemd/215-17+deb8u6
Previous by thread: Bug#850094: marked as done (Please do not remove packages which FTBFS randomly yet)
Next by thread: Bug#850105: marked as done (RM: sogo -- RoST; multiple security issues)
Index(es):
- Date
- Thread