[Pkg-sogo-maintainers] Sogo for Trixie
Tobias Frost
tobi at debian.org
Wed Dec 24 12:40:06 GMT 2025
Hi,
I'm currently working (for LTS) on sogo, and for that I've just uploaded
an fix for CVE-2025-63499 to DELAYED-2 for unstable.
After that I'd go for trixie, with additionally fixing CVE-2025-63498.
(As the final target is providing fixes for LTS, I'll also tackle the
open vulnerabilities for bookworm.)
sogo is in dsa-needed.txt, trixies CVEs are all triaged "vulnerable",
boowkorm's are mixed "no-dsa" and "vulnerable."
As the next point release are near too, I can also do a s-p-u, or
prepare a security upload and then hand over to you (like we did for
libpng)
Please let me know how I should proceed..
--
happy holidays,
tobi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-sogo-maintainers/attachments/20251224/e0d52850/attachment.sig>
More information about the Pkg-sogo-maintainers
mailing list