[Git][security-tracker-team/security-tracker][master] Track fixed version for sogo issues addressed via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 25 18:30:06 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b3bff820 by Salvatore Bonaccorso at 2026-03-25T19:29:30+01:00
Track fixed version for sogo issues addressed via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4470,10 +4470,10 @@ CVE-2026-3312
[bullseye] - pagure <postponed> (Minor issue, infoleak)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2443259
CVE-2025-71276 (SOGo before 5.12.5 is prone to a XSS vulnerability with events, tasks, ...)
- - sogo <unfixed> (bug #1131605)
+ - sogo 5.12.6-1 (bug #1131605)
NOTE: Fixed by: https://github.com/Alinto/sogo/commit/e9b3f2a43d7557e8416f6749df4ab4f9128af2d1 (SOGo-5.12.5)
CVE-2026-33550 (SOGo before 5.12.5 does not renew the OTP if a user disables/enables i ...)
- - sogo <unfixed> (bug #1131606)
+ - sogo 5.12.6-1 (bug #1131606)
NOTE: Fixed by: https://github.com/Alinto/sogo/commit/83d4c522f87cfde0ba543837d9b24c3479083ec2 (SOGo-5.12.5)
CVE-2026-4359 (A compromised third party cloud server or man-in-the-middle attacker c ...)
- mongo-c-driver 2.2.3-1
@@ -13699,7 +13699,7 @@ CVE-2026-3064 (A security vulnerability has been detected in HummerRisk up to 1.
CVE-2026-3057 (A security flaw has been discovered in a54552239 pearProjectApi up to ...)
NOT-FOR-US: a54552239 pearProjectApi
CVE-2026-3054 (A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impa ...)
- - sogo <unfixed> (bug #1130878)
+ - sogo 5.12.6-1 (bug #1130878)
NOTE: Fixed by: https://github.com/Alinto/sogo/commit/e821b20f87d1a9757f1d0aff7d1e31703f97054b (SOGo-5.12.5)
CVE-2026-3053 (A vulnerability was determined in DataLinkDC dinky up to 1.2.5. This a ...)
NOT-FOR-US: DataLinkDC dinky
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3bff8207312905cd72081d862b7ee4e1f6bf2bb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3bff8207312905cd72081d862b7ee4e1f6bf2bb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260325/a2892798/attachment.htm>
More information about the debian-security-tracker-commits
mailing list