* SECURITY UPDATE: JavaScript in a book can access local files using
XMLHttpRequest (LP: #1758699).
- fix-CVE-2016-10187.patch
- CVE-2016-10187
* SECURITY UPDATE: Malicious code execution when using CPickle instead of
JSON (LP: #1758699).
- fix-CVE-2018-7889.patch
- CVE-2018-7889
This bug was fixed in the package calibre - 1.25.0+ dfsg-1ubuntu1. 2
--------------- dfsg-1ubuntu1. 2) trusty-security; urgency=medium
calibre (1.25.0+
* SECURITY UPDATE: JavaScript in a book can access local files using 2016-10187. patch 2018-7889. patch
XMLHttpRequest (LP: #1758699).
- fix-CVE-
- CVE-2016-10187
* SECURITY UPDATE: Malicious code execution when using CPickle instead of
JSON (LP: #1758699).
- fix-CVE-
- CVE-2018-7889
-- Simon Quigley <email address hidden> Thu, 12 Apr 2018 16:06:17 -0500