On Sun, Jan 04, 2026 at 07:56:06PM +0000, Adam D. Barratt wrote: > On Sun, 2026-01-04 at 20:30 +0100, Salvatore Bonaccorso wrote: > > Hi Tobias, > > > > On Sun, Jan 04, 2026 at 05:51:37PM +0100, Tobias Frost wrote: > > > [...] > > > This o-s-p-u fixes the following CVES: > > > * CVE-2024-48104 - HTML Injection (Closes: #1060925) > > > > This should have been CVE-2023-48104. Adam can you update that for > > the comments at least, not sure we have enough time to make a reject > > and new upload correcting that. > > I used the correct ID in the comment, but given the time between > oldstable point releases I decided to accept the package as-is rather > than wait for a reject-and-reupload cycle. > > If desired then I'd likely accept a u2 that simply corrected the typo > in the u1 changelog, so long as it happened quickly.
Will provide an u2 later tonight. -- tobi > Regards, > > Adam
