Re: Wheezy update of calibre?
On 2017-03-15 17:56:52, Brian May wrote: > Antoine Beaupréwrites: > >> In particular, it seems likely that there are more undocumented but >> public security issues in Calibre. See for example bug #853004: >> >> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853004 >> >> But there may be more. > > I have had a look and not found anything new. I don't think it is worth > delaying the update, we can issue new updates if we find additional > problems. agreed. > I just posted a proposed and tested patch - as well as packages for > testing - for wheezy-security - in the debian-lts mailing list. thanks! -- Nature hides her secret because of her essential loftiness, but not by means of ruse. - Albert Einstein
Re: Wheezy update of calibre?
Antoine Beaupréwrites: > In particular, it seems likely that there are more undocumented but > public security issues in Calibre. See for example bug #853004: > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853004 > > But there may be more. I have had a look and not found anything new. I don't think it is worth delaying the update, we can issue new updates if we find additional problems. I just posted a proposed and tested patch - as well as packages for testing - for wheezy-security - in the debian-lts mailing list. -- Brian May
Re: Wheezy update of calibre?
Just for the record: before packaging this update, we will need to investigate the issue much further. In particular, it seems likely that there are more undocumented but public security issues in Calibre. See for example bug #853004: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853004 But there may be more. A. -- A lot of people never use their initiative because no-one told them to. - Bansky