Debian Package Tracker

general

source: calibre (main)
version: 3.35.0+dfsg-1
maintainer: Norbert Preining [DMD]
uploaders: Martin Pitt [DMD]
arch: all any
std-ver: 4.2.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.8.51+dfsg1-0.1
o-o-sec: 0.8.51+dfsg1-0.1+deb7u1
o-o-bpo: 1.22.0+dfsg1-1~bpo70+2
oldstable: 2.5.0+dfsg-1
old-bpo: 2.75.1+dfsg-1~bpo8+1
stable: 2.75.1+dfsg-1
stable-bpo: 3.31.0+dfsg-1~bpo9+1
testing: 3.35.0+dfsg-1
unstable: 3.35.0+dfsg-1

versioned links

0.8.51+dfsg1-0.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.8.51+dfsg1-0.1+deb7u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.22.0+dfsg1-1~bpo70+2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.5.0+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.75.1+dfsg-1~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.75.1+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.31.0+dfsg-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.35.0+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

calibre
calibre-bin

action needed

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2018-12-21 Last update: 2019-01-17 23:43

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2018-10-01 Last update: 2019-01-17 21:19

18 new commits since last upload, time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 3.37.0+dfsg-1~1, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit cc98ecaf9e64238881eae041e21077dd1696eced
Author: Nicholas D Steeves <nsteeves@gmail.com>
Date:   Thu Jan 3 00:40:35 2019 -0700

    Also use secure URL in d/rules:get-orig-source

commit dc5b42b1a902774ddb811778d5405507c82ebfa2
Author: Norbert Preining <norbert@preining.info>
Date:   Sun Jan 6 00:36:45 2019 +0900

    update deps for css-parser

commit 9c9072d5807b40682a707d6255464ad55a65a26a
Author: Norbert Preining <norbert@preining.info>
Date:   Sat Jan 5 23:50:10 2019 +0900

    update changelog

commit a844803e6a23fadb110e1e81f7171059c5836b6c
Merge: 60cb97d13 9c39bbe1c
Author: Norbert Preining <norbert@preining.info>
Date:   Sat Jan 5 23:48:02 2019 +0900

    Update upstream source from tag 'upstream/3.37.0+dfsg'
    
    Update to upstream version '3.37.0+dfsg'
    with Debian dir 73da728c6834db9241cd2658beaacc5b4e6c09cd

commit 9c39bbe1cd7077f1ea20d0018cb5d5a7a14fff87
Author: Norbert Preining <norbert@preining.info>
Date:   Sat Jan 5 23:46:36 2019 +0900

    New upstream version 3.37.0+dfsg

commit 60cb97d131571c5b0be0b6a581ec54d3c72404be
Author: Nicholas D Steeves <nsteeves@gmail.com>
Date:   Thu Jan 3 00:35:11 2019 -0700

    Use secure URL in watch file

commit 3309d69adca04e4da23bdbefc6a6ad09bd0c8bdd
Author: Nicholas D Steeves <nsteeves@gmail.com>
Date:   Wed Jan 2 16:34:49 2019 -0700

    Add myself to Uploaders.

commit 9197c94f62d879db58d4ff357ce8e917226d7ba3
Author: Nicholas D Steeves <nsteeves@gmail.com>
Date:   Fri Dec 28 13:29:59 2018 -0700

    Add python-msgpack >= 0.5.6~ dependency to bin:calibre.

commit cd62be7d7c83aa5e8d1943f27aacf510edb55af9
Author: Nicholas D Steeves <nsteeves@gmail.com>
Date:   Tue Dec 25 18:53:29 2018 -0700

    Switch to secure copyright format URL.

commit 5924394c3e074e9d8d192249506da022b044e2aa
Author: Nicholas D Steeves <nsteeves@gmail.com>
Date:   Tue Dec 25 16:35:33 2018 -0700

    Use system jquery and remove embedded copy.

commit d85aba53dab97b0d267aeb99020d76757d27676a
Author: Nicholas D Steeves <nsteeves@gmail.com>
Date:   Tue Dec 25 16:34:20 2018 -0700

    Drop obsolete debian/pycompat.

commit 8e4a232328b0cd6e496cd26ba5679b32426fea5a
Author: Norbert Preining <norbert@preining.info>
Date:   Tue Dec 25 10:51:42 2018 +0900

    Adjust watch file for version 3 series

commit 58bd9e049084f0e6dd93899c54c11b31a83519db
Author: Norbert Preining <norbert@preining.info>
Date:   Tue Dec 25 09:54:13 2018 +0900

    update changelog

commit 0469ae41ef87c375de0115b359fc7e883fa8a0a8
Merge: 8358d920a 039756517
Author: Norbert Preining <norbert@preining.info>
Date:   Tue Dec 25 09:53:21 2018 +0900

    Update upstream source from tag 'upstream/3.36.0+dfsg'
    
    Update to upstream version '3.36.0+dfsg'
    with Debian dir a4107800ed63b297fcc7fab732e47a0e21c1adf1

commit 039756517307959bbba8ae9fbb454085c82f0d9c
Author: Norbert Preining <norbert@preining.info>
Date:   Tue Dec 25 09:51:16 2018 +0900

    New upstream version 3.36.0+dfsg

commit 8358d920accf436e20d814a3cf713bf5a846b674
Author: Nicholas D Steeves <nsteeves@gmail.com>
Date:   Sun Dec 23 22:42:16 2018 -0700

    Fix a line that was too long in extended description.

commit 8b6cca39a8d97ecb326d052681de4c062afef9c2
Author: Nicholas D Steeves <nsteeves@gmail.com>
Date:   Sun Dec 23 22:36:26 2018 -0700

    Clean up trailing whitespace in changelog and control.

commit fbb253a02cc9b598b7d90bfbacc1692de542a3a9
Author: Nicholas D Steeves <nsteeves@gmail.com>
Date:   Sun Dec 23 22:10:55 2018 -0700

    Add build dep on >= 0.5.6~ of python-msgpack
    
    Calibre began to require newer than 0.4.8 some time between 3.31.0 and 3.35.

Created: 2018-12-24 Last update: 2019-01-17 03:44

lintian reports 17 warnings normal

Lintian reports 17 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2018-10-12 Last update: 2019-01-16 09:08

AppStream hints: 3 warnings normal

AppStream found metadata issues for packages:

calibre: 3 warnings

You should get rid of them to provide more metadata about this software.

Created: 2018-06-04 Last update: 2018-06-04 02:26

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2018-7889: gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.

Please fix it.

Created: 2018-03-09 Last update: 2018-12-18 17:38

3 ignored security issues in jessie low

There are 3 open security issues in jessie.

3 issues skipped by the security teams:

CVE-2018-7889: gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.
CVE-2016-10187: The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.
CVE-2010-1028: Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7 before 3.7 alpha 3 allows remote attackers to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as demonstrated by the vd_ff module in VulnDisco 9.0.

Please fix them.

Created: 2017-01-29 Last update: 2018-12-18 17:38

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2017-10-26 Last update: 2017-10-26 07:21

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.3.0 instead of 4.2.1).

Created: 2018-12-23 Last update: 2018-12-23 17:15

news

[rss feed]

[2018-12-19] calibre 3.35.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-12-09] Accepted calibre 3.35.0+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-11-17] calibre 3.34.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-11-09] Accepted calibre 3.34.0+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-10-23] calibre 3.33.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-10-22] Accepted calibre 3.33.1+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-10-08] calibre 3.32.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-09-28] Accepted calibre 3.32.0+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-09-18] Accepted calibre 3.31.0+dfsg-1~bpo9+1 (source) into stretch-backports (Nicholas D Steeves) (signed by: Mattia Rizzolo)
[2018-09-12] calibre 3.31.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-09-07] Accepted calibre 3.31.0+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-08-29] calibre 3.30.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-08-29] calibre 3.30.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-08-24] Accepted calibre 3.30.0+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-08-15] calibre 3.29.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-08-10] Accepted calibre 3.29.0+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-07-26] calibre 3.28.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-07-21] Accepted calibre 3.28.0+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-07-21] calibre 3.27.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-07-09] Accepted calibre 3.27.1+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-07-04] calibre 3.26.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-07-02] Accepted calibre 3.26.0+dfsg-1~bpo9+1 (source amd64 all) into stretch-backports, stretch-backports (Nicholas D Steeves) (signed by: Chris Lamb)
[2018-06-28] Accepted calibre 3.26.1+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-06-20] calibre 3.26.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-06-15] Accepted calibre 3.26.0+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-06-08] calibre 3.25.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-06-03] Accepted calibre 3.25.0+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-06-03] calibre 3.24.2+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-05-28] Accepted calibre 3.24.2+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-05-25] Accepted calibre 3.24.0+dfsg-1 (source amd64 all) into unstable (Norbert Preining)

bugs [bug history graph]

all: 55
RC: 0
I&N: 41
M&W: 14
F&P: 0
patch: 1

links

homepage
lintian (0, 17)
buildd: logs, checks, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 3.35.0+dfsg-1build1
48 bugs