Activity log for bug #1758699

Date Who What changed Old value New value Message
2018-03-25 16:41:17 Simon Quigley bug added bug
2018-03-25 16:41:26 Simon Quigley nominated for series Ubuntu Xenial
2018-03-25 16:41:26 Simon Quigley bug task added calibre (Ubuntu Xenial)
2018-03-25 16:41:26 Simon Quigley nominated for series Ubuntu Trusty
2018-03-25 16:41:26 Simon Quigley bug task added calibre (Ubuntu Trusty)
2018-03-25 16:41:32 Simon Quigley calibre (Ubuntu Trusty): assignee Simon Quigley (tsimonq2)
2018-03-25 16:41:33 Simon Quigley calibre (Ubuntu Xenial): assignee Simon Quigley (tsimonq2)
2018-03-25 16:41:34 Simon Quigley calibre (Ubuntu Trusty): importance Undecided Medium
2018-03-25 16:41:36 Simon Quigley calibre (Ubuntu Xenial): importance Undecided Medium
2018-03-25 16:41:37 Simon Quigley calibre (Ubuntu): importance Undecided Medium
2018-03-25 16:41:43 Simon Quigley calibre (Ubuntu): status New Fix Released
2018-03-25 16:42:06 Simon Quigley cve linked 2016-10187
2018-03-25 17:45:46 Simon Quigley calibre (Ubuntu Trusty): status New In Progress
2018-03-25 17:45:47 Simon Quigley calibre (Ubuntu Xenial): status New In Progress
2018-03-25 17:47:25 Simon Quigley bug added subscriber Ubuntu Security Sponsors Team
2018-03-27 00:25:39 Simon Quigley description The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript. For CVE-2016-10187: The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript. For CVE-2018-7889: gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.
2018-03-27 00:25:46 Simon Quigley cve linked 2018-7889
2018-03-27 00:25:53 Simon Quigley nominated for series Ubuntu Artful
2018-03-27 00:25:53 Simon Quigley bug task added calibre (Ubuntu Artful)
2018-03-27 19:58:52 Simon Quigley calibre (Ubuntu Artful): status New Confirmed
2018-03-27 19:58:54 Simon Quigley calibre (Ubuntu Artful): importance Undecided Medium
2018-03-27 19:58:56 Simon Quigley calibre (Ubuntu Artful): assignee Simon Quigley (tsimonq2)
2018-03-29 01:37:34 Simon Quigley calibre (Ubuntu Trusty): status In Progress Confirmed
2018-03-29 01:37:36 Simon Quigley calibre (Ubuntu Xenial): status In Progress Confirmed
2018-03-31 02:54:40 Simon Quigley bug added subscriber Marc Deslauriers
2018-04-12 21:00:12 Launchpad Janitor calibre (Ubuntu Xenial): status Confirmed Fix Released
2018-04-12 21:10:20 Launchpad Janitor calibre (Ubuntu Artful): status Confirmed Fix Released
2018-04-13 15:04:07 Launchpad Janitor calibre (Ubuntu Trusty): status Confirmed Fix Released