edubuntu-bugs team mailing list archive

Thread
Date

[Bug 1372400] Re: calibre vulnerable to XSS attack in book titles

To: edubuntu-bugs@xxxxxxxxxxxxxxxxxxx
From: Martin Pitt <martin.pitt@xxxxxxxxxx>
Date: Tue, 23 Sep 2014 06:25:02 -0000
Reply-to: Bug 1372400 <1372400@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

I contacted the blog author (using the contact form on the blog) to ask
about details of the calibre fix. I sent the following question:

------------------- 8< --------------
Hello! I'd like to check if this affects the Calibre version that is shipped in stable Debian/Ubuntu releases, and fix it there. Do you have some more information about that?

There is no Calibre 1.80 (the next release after 1.48 was 2.0), so
things that would help me to identify the fix would be any of those:

 - Did you file a bug report, or just sent a mail? If it's a bug report, do you have the URL?
 - If the above is not available: When exactly did you contact upstream?
 - If the above is not available: In which calibre version did that get fixed?

Thank you!
------------------- 8< --------------

-- 
You received this bug notification because you are a member of Edubuntu
Bugsquad, which is subscribed to calibre in Ubuntu.
https://bugs.launchpad.net/bugs/1372400

Title:
  calibre vulnerable to XSS attack in book titles

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/calibre/+bug/1372400/+subscriptions