[Git][security-tracker-team/security-tracker][master] calibre ospu

Sun, 08 Feb 2026 12:00:03 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
30d0fef1 by Moritz Mühlenhoff at 2026-02-08T20:59:11+01:00
calibre ospu

- - - - -


2 changed files:

- data/CVE/list
- data/next-oldstable-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -217,6 +217,8 @@ CVE-2026-25732 (NiceGUI is a Python-based UI framework. 
Prior to 3.7.0, NiceGUI'
        NOT-FOR-US: NiceGUI
 CVE-2026-25731 (calibre is an e-book manager. Prior to 9.2.0, a Server-Side 
Template I ...)
        - calibre 9.2.0+ds+~0.10.5-1
+       [trixie] - calibre <no-dsa> (Will be fixed via point update)
+       [bookworm] - calibre <no-dsa> (Will be fixed via point update)
        NOTE: 
https://github.com/kovidgoyal/calibre/security/advisories/GHSA-xrh9-w7qx-3gcc
        NOTE: Fixed by: 
https://github.com/kovidgoyal/calibre/commit/f0649b27512e987b95fcab2e1e0a3bcdafc23379
 (v9.2.0)
 CVE-2026-25729 (DeepAudit is a multi-agent system for code vulnerability 
discovery. In ...)
@@ -225,10 +227,14 @@ CVE-2026-25644 (DataHub is an open-source metadata 
platform. Prior to version 1.
        NOT-FOR-US: DataHub
 CVE-2026-25636 (calibre is an e-book manager. In 9.1.0 and earlier, a path 
traversal v ...)
        - calibre 9.2.0+ds+~0.10.5-1
+       [trixie] - calibre <no-dsa> (Will be fixed via point update)
+       [bookworm] - calibre <no-dsa> (Will be fixed via point update)
        NOTE: 
https://github.com/kovidgoyal/calibre/security/advisories/GHSA-8r26-m7j5-hm29
        NOTE: Fixed by: 
https://github.com/kovidgoyal/calibre/commit/9484ea82c6ab226c18e6ca5aa000fa16de598726
 (v9.2.0)
 CVE-2026-25635 (calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM 
reader con ...)
        - calibre 9.2.0+ds+~0.10.5-1
+       [trixie] - calibre <no-dsa> (Will be fixed via point update)
+       [bookworm] - calibre <no-dsa> (Will be fixed via point update)
        NOTE: 
https://github.com/kovidgoyal/calibre/security/advisories/GHSA-32vh-whvh-9fxr
        NOTE: Fixed by: 
https://github.com/kovidgoyal/calibre/commit/9739232fcb029ac15dfe52ccd4fdb4a07ebb6ce9
 (v9.2.0)
 CVE-2026-25634 (iccDEV provides a set of libraries and tools that allow for 
the intera ...)


=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -42,3 +42,9 @@ CVE-2025-66034
        [bookworm] - fonttools 4.38.0-1+deb12u1
 CVE-2023-45139
        [bookworm] - fonttools 4.38.0-1+deb12u1
+CVE-2026-25636
+       [bookworm] - calibre 6.13.0+repack-2+deb12u6
+CVE-2026-25635
+       [bookworm] - calibre 6.13.0+repack-2+deb12u6
+CVE-2026-25731
+       [bookworm] - calibre 6.13.0+repack-2+deb12u6



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30d0fef14be831d2c9a88ec5fe6a7be34fe63d1a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30d0fef14be831d2c9a88ec5fe6a7be34fe63d1a
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to