Am 31. Dezember 2025 16:19:19 UTC schrieb "Adam D. Barratt" <[email protected]>: >On Wed, 2025-12-31 at 11:43 +0100, Tobias Frost wrote: >> This s-p-u fixes CVE-2025-63498 and CVE-2025-63499, two XSS >> vulnerabilities. >> The plan is to fix sogos vulnerabilities in all the releases, also >> LTS, being stable the first step. >> Fixing >> * CVE-2025-63498 - Cross Site Scripting (XSS) >> * CVE-2025-63499 - Cross Site Scripting (XSS) (Closes: #1121952) > >Unless I missed something, this: > >+sogo (5.12.1-3+deb13u1) trixie; urgency=high >+ >+ * Non-maintainer upload by the Security Team. > >is inaccurate. > >Regards, > >Adam
right, that slipped through... i can fix this and re-upload, of course.
