Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > linux.debian.changes > #13587

Accepted calibre 8.5.0+ds-1+deb13u2 (source) into proposed-updates

From Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Newsgroups linux.debian.changes
Subject Accepted calibre 8.5.0+ds-1+deb13u2 (source) into proposed-updates
Date 2026-05-02 22:50 +0200
Message-ID <MQprH-273D-25@gated-at.bofh.it> (permalink)
Organization linux.* mail to news gateway

Show all headers | View raw

[Multipart message — attachments visible in raw view] - view raw

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 01 Mar 2026 16:11:43 +0900
Source: calibre
Architecture: source
Version: 8.5.0+ds-1+deb13u2
Distribution: trixie
Urgency: medium
Maintainer: Calibre maintainer team <team+calibre@tracker.debian.org>
Changed-By: YOKOTA Hiroshi <yokota.hgml@gmail.com>
Changes:
 calibre (8.5.0+ds-1+deb13u2) trixie; urgency=medium
 .
   * CVE-2026-25635: CHM Input: Ignore internal files that have paths that
     end up outside the container
   * CVE-2026-25636: DRYer
   * CVE-2026-25731: ZIP Output: Change the template engine used for HTML
     templating from templite to Mustache, for greater safety and
     performance. Note that this is a breaking change if you use custom
     templates with ZIP output.
   * Use pystache instead of templite to fix CVE-2026-25731
   * Add NEWS about CVE-2026-25731 fix
   * CVE-2026-26064: ODT Input: Ensure images are extracted within
     container
   * CVE-2026-26065: PDB Input: Ensure extracted images are within the
     container
   * CVE-2026-27810: Content server: Sanitize content disposition received
     as query parameter
   * CVE-2026-27824: Content server: When banning IPs for repeated login is
     enabled, only use the IP address not any HTTP headers as the ban key
Checksums-Sha1:
 93021a2916503da4b2c9676133f962c3daaa60d2 3681 calibre_8.5.0+ds-1+deb13u2.dsc
 7e0ce1d3f17e7038a8310685bf5403c4720e7ce5 892520 calibre_8.5.0+ds-1+deb13u2.debian.tar.xz
 469e8c699965b42d7d95bf0959f2d30961d1d5ca 23739 calibre_8.5.0+ds-1+deb13u2_source.buildinfo
Checksums-Sha256:
 3b1e45295a00d845cb3abfc047343f88e20df81cf7ded1876384cfa300721a02 3681 calibre_8.5.0+ds-1+deb13u2.dsc
 7229808a1384892fdb1ee52fcbd93224432b3fe65728f0a9c8af0bfb3847a944 892520 calibre_8.5.0+ds-1+deb13u2.debian.tar.xz
 5e293069ce0b71d7136de0e6e4311375f8a9bf8d8001584506a1600d771cbe22 23739 calibre_8.5.0+ds-1+deb13u2_source.buildinfo
Files:
 544b6b600a6472ed0a00cc81e48592d1 3681 text optional calibre_8.5.0+ds-1+deb13u2.dsc
 10ef81289f3c74cd756b266a1dbb96c0 892520 text optional calibre_8.5.0+ds-1+deb13u2.debian.tar.xz
 8cd1d1ae3e7cfc62e8b230dbcbc929ba 23739 text optional calibre_8.5.0+ds-1+deb13u2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJKBAEBCgA0FiEErjlfKHqxT11VFyPEqem2T5LebcoFAmnSgMoWHHlva290YS5o
Z21sQGdtYWlsLmNvbQAKCRCp6bZPkt5tyjw5EACkjr9UW+m6vXcdDOxfaFsuiA6o
KHBNKn446qhiDas7U3frDxDZ/vshTiiW1mWPMdiuDGhyd2aKH+oF3G5z9IADfr1V
KbDH7XVWuxr+mvqpDfpPkiUm8PlxngTeWh9IzTV0GtXpUNfu3/LPpOl4UGNZ7xFR
mGR18vFz+7IMmx7CDwgXF2oPJis8Gqq2vprAWOb6fIIKDJ9GVr2tOLQ8RId/9qtm
UupE2J/zwXSYM29gUksxpr/R5IK4XWJuwLp7ZiluywqKDy8jZWNM+ZPp+u+M8azD
hnxW8CTdy8Qyujm9zjIpgRESBM3Z2zyULjS8E7kHV/ZdF9tkUUIfsAA4gdvRT+2B
wekrb04bwgYKklKtLdXXuUjUkv1dJrwyISmLOWN/Y6H5bOgifzUIKcRh8A2IUrjZ
eylTxzhmwu3JosQ9Ve8wmciJJwjxVNR98KNKun7+RjrQvQu+Re03vLwbQS3DfyQK
bsjbNnzUWfaFPyYJyX3rMcMQt0KyHCG28hyxY8QzRZ7Rz5NfXTC13MHmc6Gz4hxb
gkfh6m4sYqcoYcDmvfx9OrhC7zMmQO9K+gaOoKysZ93+QOj79ExFgcrww65RgIKW
kj6y609hDwgUwMcE4YC9xJoXfiB9O9Sxk0ZnoBPaIIAaGdZGRGjajIevEIKX4ua4
mT3hRFVuwmQ2XyakxQ==
=Mg9A
-----END PGP SIGNATURE-----

Back to linux.debian.changes | Previous | Next | Find similar

Thread

Accepted calibre 8.5.0+ds-1+deb13u2 (source) into proposed-updates Debian FTP Masters <ftpmaster@ftp-master.debian.org> - 2026-05-02 22:50 +0200

csiph-web