-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 10 Jan 2011 09:18:13 -0600 Source: calibre Binary: calibre calibre-bin Architecture: source all amd64 Version: 0.7.38+dfsg-1 Distribution: unstable Urgency: low Maintainer: Miriam Ruiz <little_miry@yahoo.es> Changed-By: Martin Pitt <mpitt@debian.org> Description: calibre - e-book converter and library management calibre-bin - e-book converter and library management Closes: 608822 Changes: calibre (0.7.38+dfsg-1) unstable; urgency=low . * New upstream release: - Fix path traversal vulnerability in the content server (not enabled by default). See http://bugs.calibre-ebook.com/ticket/7980, http://www.waraxe.us/advisory-77.html. First half of #608822 * debian/control: Add new build dependency libicu-dev. * Add 00upstream_content_server_xss.patch: Fix XSS vulnerability in the content server, the other half of above issue. (Closes: #608822) Patch cherrypicked from upstream bzr (r7531) Checksums-Sha1: 10bf07904d86a7cc650c73de9f34447fcfed28eb 2329 calibre_0.7.38+dfsg-1.dsc 61c3a78d9dc8139cf5f3da5b70231ad682cd0c26 19936418 calibre_0.7.38+dfsg.orig.tar.gz a9aeaef3ec88a15c33faa873db215be043ffe6b1 17894 calibre_0.7.38+dfsg-1.debian.tar.gz 80e3615cbdfc69898045bcaba83c9ef0c1deeb27 9460206 calibre_0.7.38+dfsg-1_all.deb 066f4ef399d2a37b0d20d5c7659adf58ae032a57 183272 calibre-bin_0.7.38+dfsg-1_amd64.deb Checksums-Sha256: 24797a48909ba71658332ba5a14ffc1015cfc8fffb9865f74704cd4231325932 2329 calibre_0.7.38+dfsg-1.dsc deef68ce2bc6f0884a600a2e931507db0af7f1734b10139c88a1c375c3b8272a 19936418 calibre_0.7.38+dfsg.orig.tar.gz d8864cf8e8482a8fe7ddbcfd11281fade19505a1c2323d3dc7f86d2eeb4ff7e0 17894 calibre_0.7.38+dfsg-1.debian.tar.gz e486326b51a993eb3e9d6b9e26b9ec5dd4deca94c685dfabed52ecf66939d20e 9460206 calibre_0.7.38+dfsg-1_all.deb 027486bbb9cd1acc0fda12016cf13ccb5626ef316c88059e009fab0ae12baaa9 183272 calibre-bin_0.7.38+dfsg-1_amd64.deb Files: 077f8a0b0035c5b8ec439738b8922cda 2329 text extra calibre_0.7.38+dfsg-1.dsc d38a327703999744492b08d425e60667 19936418 text extra calibre_0.7.38+dfsg.orig.tar.gz 06f5a397b6a8be9fc34e0f81fc2e62ce 17894 text extra calibre_0.7.38+dfsg-1.debian.tar.gz b9dcd0d72fc340c9aad1e52bff31d2ed 9460206 text extra calibre_0.7.38+dfsg-1_all.deb 2eba3d19a1d34b7d1b2f84e69ff54b68 183272 text extra calibre-bin_0.7.38+dfsg-1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJNKyS/AAoJEPmIJawmtHufqJIP/1BqVAAGOl5XKJE2V9/0zkiB xxUpHob0Q/W9tyooVRtW8qoESUGqM7inbygLAjyP08LGuL0sboY0qU1Dc3DOsDXH J5LaV4pTYmasGneyRRlc+S3o6Bq17IHwReajPDPvMJrcefB+qlUUOkFt66zX0VGV 1T1f+dKkV8T8asYnNmiiuXshl4fkEomNvuSX6LYIdRWdNZyauWfEs4t7vuGd7uBv RrPwIMV0Vc3DMQ+wHeUkfyyd/plEThRNWtU9BmwGMZDTwJRkxbsHUt+QeRAuL7EQ HWkVXT9+t/lYdXtAQ0m+U3tciOJQ7DKcw/AK4ebuAU4Qc1pxMS2WVm8vjysCSY67 MgFRZZrR3fHAs3Awhv58PiG+KLbhCzSwrRCqG/JdHoCoCwLTE279OTMCsOCQs2xY /5I8IRf46F3yrh3M44I3eV/xoc4BSDrsrRcCxCtIVNG8yruXU4qYtRxP4unIPhu8 k7RbX8bwzk/3FzMMipv1yaocB945vUuPhl8gX8pzGKyK15PcQARlObZCUDschSEK hrKgfDG7UUWrHSE+pFJ3gDx0zfzYNyjObE8Q80oVBMpNT47yCjbRO2Ae+jlSD3ct 9PenXVOjRCAtfJR/N792k5K4Dyv0pBejWnTdiwkcKN2bsygjL+omWYQvqI/WSFux +3c2GRtVasDt1mjt4BV2 =z1Iq -----END PGP SIGNATURE----- Accepted: calibre-bin_0.7.38+dfsg-1_amd64.deb to main/c/calibre/calibre-bin_0.7.38+dfsg-1_amd64.deb calibre_0.7.38+dfsg-1.debian.tar.gz to main/c/calibre/calibre_0.7.38+dfsg-1.debian.tar.gz calibre_0.7.38+dfsg-1.dsc to main/c/calibre/calibre_0.7.38+dfsg-1.dsc calibre_0.7.38+dfsg-1_all.deb to main/c/calibre/calibre_0.7.38+dfsg-1_all.deb calibre_0.7.38+dfsg.orig.tar.gz to main/c/calibre/calibre_0.7.38+dfsg.orig.tar.gz