[Git][security-tracker-team/security-tracker][master] calibre spu/ospu

Sun, 22 Feb 2026 13:30:13 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
35fd825c by Moritz Mühlenhoff at 2026-02-22T22:29:26+01:00
calibre spu/ospu

- - - - -


3 changed files:

- data/CVE/list
- data/next-oldstable-point-update.txt
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -1210,10 +1210,14 @@ CVE-2026-26275 (httpsig-hyper is a hyper extension for 
http message signatures.
        NOT-FOR-US: httpsig-hyper
 CVE-2026-26065 (calibre is a cross-platform e-book manager for viewing, 
converting, ed ...)
        - calibre 9.3.0+ds+~0.10.5-1
+       [trixie] - calibre <no-dsa> (Minor issue)
+       [bookworm] - calibre <no-dsa> (Minor issue)
        NOTE: 
https://github.com/kovidgoyal/calibre/security/advisories/GHSA-vmfh-7mr7-pp2w
        NOTE: Fixed by: 
https://github.com/kovidgoyal/calibre/commit/b6da1c3878c06eb1356cb0ec1106cb66e0e9bfb8
 (v9.3.0)
 CVE-2026-26064 (calibre is a cross-platform e-book manager for viewing, 
converting, ed ...)
        - calibre 9.3.0+ds+~0.10.5-1
+       [trixie] - calibre <no-dsa> (Minor issue)
+       [bookworm] - calibre <no-dsa> (Minor issue)
        NOTE: 
https://github.com/kovidgoyal/calibre/security/advisories/GHSA-72ch-3hqc-pgmp
        NOTE: Fixed by: 
https://github.com/kovidgoyal/calibre/commit/e1b5f9b45a5e8fa96c136963ad9a1d35e6adac62
 (v9.3.0)
 CVE-2026-24122 (Cosign provides code signing and transparency for containers 
and binar ...)


=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -84,3 +84,7 @@ CVE-2026-1489
        [bookworm] - glib2.0 2.74.6-2+deb12u9
 CVE-2023-38199
        [bookworm] - modsecurity-crs 3.3.4-1+deb12u2
+CVE-2026-26064
+       [bookworm] - calibre 6.13.0+repack-2+deb12u6
+CVE-2026-26065
+       [bookworm] - calibre 6.13.0+repack-2+deb12u6


=====================================
data/next-point-update.txt
=====================================
@@ -110,3 +110,7 @@ CVE-2026-1485
        [trixie] - glib2.0 2.84.4-3~deb13u3
 CVE-2026-1489
        [trixie] - glib2.0 2.84.4-3~deb13u3
+CVE-2026-26065
+       [trixie] - calibre 8.5.0+ds-1+deb13u2
+CVE-2026-26064
+       [trixie] - calibre 8.5.0+ds-1+deb13u2



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35fd825c0db9a620678f0c830931679fe293e92c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35fd825c0db9a620678f0c830931679fe293e92c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to