On Wed, 2025-12-31 at 11:43 +0100, Tobias Frost wrote: > This s-p-u fixes CVE-2025-63498 and CVE-2025-63499, two XSS > vulnerabilities. > The plan is to fix sogos vulnerabilities in all the releases, also > LTS, being stable the first step. > Fixing > * CVE-2025-63498 - Cross Site Scripting (XSS) > * CVE-2025-63499 - Cross Site Scripting (XSS) (Closes: #1121952)
Unless I missed something, this: +sogo (5.12.1-3+deb13u1) trixie; urgency=high + + * Non-maintainer upload by the Security Team. is inaccurate. Regards, Adam
