Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: rm
Hi Stable release managers, sogo in the 2.x series is security-wise unsupportable (confirmed as well by Jeroen). It is affected by several CVEs which are unfixed in stable as well. Could you please remove sogo from stable in the next point release? I know it is a seprate thing, so take this just as comment: Stretch as well ideally should not contain any 2.x version, that one should be autoremoved again in some days. Unclear if the situation would be different for 3.x. Regards, Salvatore
