[Pkg-sogo-maintainers] Bug#1042529: sogo: Multiple embdeded and minified javascript library
Bastien Roucariès
rouca at debian.org
Sat Jul 29 20:51:27 BST 2023
Source: sogo
Severity: serious
Tags: ftbfs security
Justification: FTBFS + security
X-Debbugs-Cc: Debian Security Team <team at security.debian.org>
Dear Maintainer,
https://sources.debian.org/src/sogo/5.8.4-1/UI/WebServerResources/js/vendor/
inlclude a few library precompiled and that seems outdated (bad from a security
point of view due to recent CVE for ckeditor)
Could you deembed and use packaged library
Thanks
Bastien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://alioth-lists.debian.net/pipermail/pkg-sogo-maintainers/attachments/20230729/38861961/attachment.sig>
More information about the Pkg-sogo-maintainers
mailing list