Bug#1124633: bookworm-pu: package sogo/5.8.0-2+deb12u1

To: Tobias Frost <tobi@debian.org>, 1124633@bugs.debian.org
Subject: Bug#1124633: bookworm-pu: package sogo/5.8.0-2+deb12u1
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 4 Jan 2026 20:30:07 +0100
Message-id: <[🔎] aVq_v6rdoRgs5YCh@eldamar.lan>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 1124633@bugs.debian.org
In-reply-to: <[🔎] 176754549747.684194.7128654103989899061.reportbug@isildor2.loewenhoehle.ip>
References: <[🔎] 176754549747.684194.7128654103989899061.reportbug@isildor2.loewenhoehle.ip> <[🔎] 176754549747.684194.7128654103989899061.reportbug@isildor2.loewenhoehle.ip>

Hi Tobias,

On Sun, Jan 04, 2026 at 05:51:37PM +0100, Tobias Frost wrote:
> Package: release.debian.org
> Severity: normal
> Tags: bookworm
> X-Debbugs-Cc: sogo@packages.debian.org, sogo@packages.debian.org, team@security.debian.org
> Control: affects -1 + src:sogo
> User: release.debian.org@packages.debian.org
> Usertags: pu
> 
> This o-s-p-u fixes the following CVES:
>  * CVE-2024-48104 - HTML Injection (Closes: #1060925)

This should have been CVE-2023-48104. Adam can you update that for the
comments at least, not sure we have enough time to make a reject and
new upload correcting that.

Regards,
Salvatore

Reply to:

Follow-Ups:
- Bug#1124633: bookworm-pu: package sogo/5.8.0-2+deb12u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

References:
- Bug#1124633: bookworm-pu: package sogo/5.8.0-2+deb12u1
  - From: Tobias Frost <tobi@debian.org>

Prev by Date: NEW changes in oldstable-new
Next by Date: NEW changes in stable-new
Previous by thread: Processed: sogo 5.8.0-2+deb12u1 flagged for acceptance
Next by thread: Bug#1124633: bookworm-pu: package sogo/5.8.0-2+deb12u1
Index(es):
- Date
- Thread