Bug#1124633: bookworm-pu: package sogo/5.8.0-2+deb12u1

["Adam D. Barratt" <adam@adam-barratt.org.uk>]

On Sun, 2026-01-04 at 20:30 +0100, Salvatore Bonaccorso wrote:
> Hi Tobias,
> 
> On Sun, Jan 04, 2026 at 05:51:37PM +0100, Tobias Frost wrote:
> 
[...]
> > This o-s-p-u fixes the following CVES:
> >  * CVE-2024-48104 - HTML Injection (Closes: #1060925)
> 
> This should have been CVE-2023-48104. Adam can you update that for
> the comments at least, not sure we have enough time to make a reject
> and new upload correcting that.

I used the correct ID in the comment, but given the time between
oldstable point releases I decided to accept the package as-is rather
than wait for a reject-and-reupload cycle.

If desired then I'd likely accept a u2 that simply corrected the typo
in the u1 changelog, so long as it happened quickly.

Regards,

Adam