On Sun, 2026-01-04 at 20:30 +0100, Salvatore Bonaccorso wrote: > Hi Tobias, > > On Sun, Jan 04, 2026 at 05:51:37PM +0100, Tobias Frost wrote: > [...] > > This o-s-p-u fixes the following CVES: > > * CVE-2024-48104 - HTML Injection (Closes: #1060925) > > This should have been CVE-2023-48104. Adam can you update that for > the comments at least, not sure we have enough time to make a reject > and new upload correcting that.
I used the correct ID in the comment, but given the time between oldstable point releases I decided to accept the package as-is rather than wait for a reject-and-reupload cycle. If desired then I'd likely accept a u2 that simply corrected the typo in the u1 changelog, so long as it happened quickly. Regards, Adam
