Ubuntu
calibre package

  1. Bug #1758699
  2. Comment #9

Comment 9 for bug 1758699

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package calibre - 1.25.0+dfsg-1ubuntu1.2

---------------
calibre (1.25.0+dfsg-1ubuntu1.2) trusty-security; urgency=medium

  * SECURITY UPDATE: JavaScript in a book can access local files using
    XMLHttpRequest (LP: #1758699).
    - fix-CVE-2016-10187.patch
    - CVE-2016-10187
  * SECURITY UPDATE: Malicious code execution when using CPickle instead of
    JSON (LP: #1758699).
    - fix-CVE-2018-7889.patch
    - CVE-2018-7889

 -- Simon Quigley <email address hidden> Thu, 12 Apr 2018 16:06:17 -0500