Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted sogo 5.12.8-1 (source) into unstable
Date: Tue, 12 May 2026 10:34:12 +0000
Signed by: Jordi Mallach <jordi@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 12 May 2026 11:53:29 +0200
Source: sogo
Architecture: source
Version: 5.12.8-1
Distribution: unstable
Urgency: medium
Maintainer: Debian SOGo Maintainers <pkg-sogo-maintainers@lists.alioth.debian.org>
Changed-By: Jordi Mallach <jordi@debian.org>
Changes:
 sogo (5.12.8-1) unstable; urgency=medium
 .
   * New upstream release, with 4 security fixes:
     - require that a UID exists before adding it to a folder's ACL
     - XSS mitigations for mail Subject rendering
     - strip dangerous HTML event attributes from ICS invitations
     - OpenId: verify the user's email domain and ensure the account exists in
       the local source before granting access
   * Update test after XSS sanitization changes.
Checksums-Sha1:
 2070381e07c20fee3ce17ade6f2f63056093353e 2291 sogo_5.12.8-1.dsc
 16776012b872090f6c87ee63a30ce2f2ffe075c6 37848204 sogo_5.12.8.orig.tar.gz
 589fd1124f351564dc70c25ca00469f6b94f11d2 21904 sogo_5.12.8-1.debian.tar.xz
 dba205a74f1ad0fc051b42c61e8fc07c674f2d37 13797 sogo_5.12.8-1_amd64.buildinfo
Checksums-Sha256:
 47f8ac64d40b0961245bedc36a0eb961894c45971fdd3138779887ad18a86338 2291 sogo_5.12.8-1.dsc
 05f81b604651f72de94c8bb012cc5e6aea17f8d3281161423fee6f091dd2a0e9 37848204 sogo_5.12.8.orig.tar.gz
 963a92609cf82f381f279b0a06a6c8550dd1c4713f2595de8e08bd69805b951f 21904 sogo_5.12.8-1.debian.tar.xz
 a02eb6dd79263f9320a0fce9d859493b4af374db28e2d7e6ae1d0ac6324edc77 13797 sogo_5.12.8-1_amd64.buildinfo
Files:
 3ca8f90f7784e42bbd415d933ea5f1d9 2291 mail optional sogo_5.12.8-1.dsc
 0989b9591923eb5d58bb60993722da1f 37848204 mail optional sogo_5.12.8.orig.tar.gz
 452634f9eceac676beee209fdc90c704 21904 mail optional sogo_5.12.8-1.debian.tar.xz
 48a9faa3b44e3141d2144831d65b0c2c 13797 mail optional sogo_5.12.8-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE6BdUhsApKYN8KGoWJVAvb8vjywQFAmoC/fQACgkQJVAvb8vj
ywSDtQ/+KYzYsKBG9gbBusaOysPQ6y8DwJiH9g1SojT+5th023/u3Q99YUEnFNKt
Mhy9fVcfQEssT5Sg6ermwgbSwI+R8J/GcJGTZP7unONkZDpvtw+sHqIXfMDTzTIR
9E3/0BUswO1dlX0h++27H3i50Tn7OLt2Zc2g4X//lv2PzYFrRr0RUjfa7CVr0z1K
qBLVHjxymSXgDQoPL3Q6GWUahAkQGnE9cr462Epk2IdaaDBvOMUVCG6P8Kk2Z2J1
pT5XdMCRKLlcTlZMRZ29qR8el+bgVtVOi2PtWgGYaMvK7W5D9/P0Oybiwmwq2n97
Vl1kvss/yYXWy3CNfk/FtaIK2/9K2lAwoMtNimicb4hMNH5Rgwu6X8iNzaZty0PY
tIEg+27ICF5F4cHzCJhfU33+9vYT6jSr5131Ym4/ITIoKhgGD9p6GlkWdIjcgv1A
trMuO3E7PRu/tEw13eAHwflr50760orYZGv7SrrlIWZWktSjLNoDhHcQPBfitDKo
cfcn4ZfrSZ00PbZBSNiLvunVB6zLIKeFE3MC5L/ZZzhIFH15K6J3BmFLotLOcszR
4qqAdQkx0/WzVDJw9E4/aBy0/Y0Q1VOHghBzKWpON6ZDgod64OqOO2Q/d79S34sk
pStWZ8vRcasYTBzPqD4HGzNyKAI3gh1IAW6BeiOnVSk7BBCzcB0=
=SUoM
-----END PGP SIGNATURE-----
News for package sogo
