Debian Package Tracker

general

source: calibre (main)
version: 3.39.1+dfsg-3
maintainer: Norbert Preining [DMD]
uploaders: Martin Pitt [DMD] – Nicholas D Steeves [DMD] [dm]
arch: all any
std-ver: 4.2.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 2.5.0+dfsg-1
stable: 2.75.1+dfsg-1
stable-bpo: 3.39.1+dfsg-2~bpo9+1
testing: 3.39.1+dfsg-3
unstable: 3.39.1+dfsg-3
exp: 3.44.0+dfsg-1

versioned links

2.5.0+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.75.1+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.39.1+dfsg-2~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.39.1+dfsg-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.44.0+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

calibre (44 bugs: 0, 30, 14, 0)
calibre-bin

action needed

A new upstream version is available: 3.44.0 high

A new upstream version 3.44.0 is available, you should consider packaging it.

Created: 2019-03-12 Last update: 2019-06-17 07:05

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2019-04-01 Last update: 2019-06-17 08:02

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2019-05-17 Last update: 2019-06-17 07:37

lintian reports 16 warnings normal

Lintian reports 16 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2019-03-13 Last update: 2019-04-21 05:04

AppStream hints: 3 warnings normal

AppStream found metadata issues for packages:

calibre: 3 warnings

You should get rid of them to provide more metadata about this software.

Created: 2018-06-04 Last update: 2018-06-04 02:26

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2018-7889: gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.

Please fix it.

Created: 2018-03-09 Last update: 2019-05-15 06:44

3 ignored security issues in jessie low

There are 3 open security issues in jessie.

3 issues skipped by the security teams:

CVE-2018-7889: gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.
CVE-2010-1028: Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7 before 3.7 alpha 3 allows remote attackers to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as demonstrated by the vd_ff module in VulnDisco 9.0.
CVE-2016-10187: The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.

Please fix them.

Created: 2017-01-29 Last update: 2019-05-15 06:44

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2017-10-26 Last update: 2017-10-26 07:21

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.3.0 instead of 4.2.1).

Created: 2018-12-23 Last update: 2019-05-10 14:01

news

[rss feed]

[2019-05-31] Accepted calibre 3.44.0+dfsg-1 (source amd64 all) into experimental (Norbert Preining)
[2019-05-28] Accepted calibre 3.43.0+dfsg-1 (source amd64 all) into experimental (Norbert Preining)
[2019-05-15] calibre 3.39.1+dfsg-3 MIGRATED to testing (Debian testing watch)
[2019-05-10] Accepted calibre 3.39.1+dfsg-3 (source amd64 all) into unstable (Norbert Preining)
[2019-05-05] Accepted calibre 3.42.0+dfsg-1 (source amd64 all) into experimental (Norbert Preining)
[2019-04-20] Accepted calibre 3.41.3+dfsg-1 (source amd64 all) into experimental (Norbert Preining)
[2019-04-19] Accepted calibre 3.41.1+dfsg-1 (source amd64 all) into experimental (Norbert Preining)
[2019-04-19] Accepted calibre 3.41.0+dfsg-1 (source amd64 all) into experimental (Norbert Preining)
[2019-03-23] Accepted calibre 3.39.1+dfsg-2~bpo9+1 (source) into stretch-backports->backports-policy, stretch-backports (Nicholas D Steeves)
[2019-03-11] Accepted calibre 3.40.1+dfsg-1 (source amd64 all) into experimental (Norbert Preining)
[2019-02-20] calibre 3.39.1+dfsg-2 MIGRATED to testing (Debian testing watch)
[2019-02-10] Accepted calibre 3.39.1+dfsg-2 (source) into unstable (Norbert Preining) (signed by: Nicholas D Steeves)
[2019-02-05] Accepted calibre 3.39.1+dfsg-1 (source) into unstable (Nicholas D Steeves)
[2018-12-19] calibre 3.35.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-12-09] Accepted calibre 3.35.0+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-11-17] calibre 3.34.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-11-09] Accepted calibre 3.34.0+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-10-23] calibre 3.33.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-10-22] Accepted calibre 3.33.1+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-10-08] calibre 3.32.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-09-28] Accepted calibre 3.32.0+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-09-18] Accepted calibre 3.31.0+dfsg-1~bpo9+1 (source) into stretch-backports (Nicholas D Steeves) (signed by: Mattia Rizzolo)
[2018-09-12] calibre 3.31.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-09-07] Accepted calibre 3.31.0+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-08-29] calibre 3.30.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-08-29] calibre 3.30.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-08-24] Accepted calibre 3.30.0+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-08-15] calibre 3.29.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-08-10] Accepted calibre 3.29.0+dfsg-1 (source amd64 all) into unstable (Norbert Preining)
[2018-07-26] calibre 3.28.0+dfsg-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 45
RC: 0
I&N: 31
M&W: 14
F&P: 0
patch: 1

links

homepage
lintian (0, 16)
buildd: logs, exp, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 3.44.0+dfsg-1
48 bugs