[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1124633: bookworm-pu: package sogo/5.8.0-2+deb12u1

On Sun, Jan 04, 2026 at 07:56:06PM +0000, Adam D. Barratt wrote:
> On Sun, 2026-01-04 at 20:30 +0100, Salvatore Bonaccorso wrote:
> > Hi Tobias,
> > 
> > On Sun, Jan 04, 2026 at 05:51:37PM +0100, Tobias Frost wrote:
> > 
> [...]
> > > This o-s-p-u fixes the following CVES:
> > >  * CVE-2024-48104 - HTML Injection (Closes: #1060925)
> > 
> > This should have been CVE-2023-48104. Adam can you update that for
> > the comments at least, not sure we have enough time to make a reject
> > and new upload correcting that.
> 
> I used the correct ID in the comment, but given the time between
> oldstable point releases I decided to accept the package as-is rather
> than wait for a reject-and-reupload cycle.
> 
> If desired then I'd likely accept a u2 that simply corrected the typo
> in the u1 changelog, so long as it happened quickly.

Will provide an u2 later tonight.

--
tobi

> Regards,
> 
> Adam
Reply to: