In the meantime, I have updated my PPA with working fixes (I tested each in a fresh VM; they work as intended and fix the security issue) for Xenial and Artful.
Security Team, feel free to copy my packages to your PPA: https://launchpad.net/~tsimonq2/+archive/ubuntu/security-test-builds/+sourcepub/8981311/+listing-archive-extra https://launchpad.net/~tsimonq2/+archive/ubuntu/security-test-builds/+sourcepub/8981308/+listing-archive-extra The diffs for each are on that page if you would like to do it manually. Please sponsor each to go into Ubuntu. Thanks. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1758699 Title: [CVE] JavaScript in a book can access local files using XMLHttpRequest To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/calibre/+bug/1758699/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
