[Git][security-tracker-team/security-tracker][master] Add Debian bug references for sogo issues

Sun Mar 22 21:31:31 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b821f4c4 by Salvatore Bonaccorso at 2026-03-22T22:26:50+01:00
Add Debian bug references for sogo issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2475,10 +2475,10 @@ CVE-2026-3312
 	- pagure <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2443259
 CVE-2025-71276 (SOGo before 5.12.5 is prone to a XSS vulnerability with events, tasks, ...)
-	- sogo <unfixed>
+	- sogo <unfixed> (bug #1131605)
 	NOTE: Fixed by: https://github.com/Alinto/sogo/commit/e9b3f2a43d7557e8416f6749df4ab4f9128af2d1 (SOGo-5.12.5)
 CVE-2026-33550 (SOGo before 5.12.5 does not renew the OTP if a user disables/enables i ...)
-	- sogo <unfixed>
+	- sogo <unfixed> (bug #1131606)
 	NOTE: Fixed by: https://github.com/Alinto/sogo/commit/83d4c522f87cfde0ba543837d9b24c3479083ec2 (SOGo-5.12.5)
 CVE-2026-4359 (A compromised third party cloud server or man-in-the-middle attacker c ...)
 	- mongo-c-driver 2.2.3-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b821f4c4e262c8ac56068f0570c89c60eaaafea4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b821f4c4e262c8ac56068f0570c89c60eaaafea4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260322/8154c75e/attachment.htm>
