-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 01 Mar 2026 16:11:43 +0900 Source: calibre Binary: calibre-bin calibre-bin-dbgsym Architecture: armhf Version: 8.5.0+ds-1+deb13u2 Distribution: trixie Urgency: medium Maintainer: arm Build Daemon (arm-ubc-05) Changed-By: YOKOTA Hiroshi Description: calibre-bin - powerful and easy to use e-book manager (binary plugins) Changes: calibre (8.5.0+ds-1+deb13u2) trixie; urgency=medium . * CVE-2026-25635: CHM Input: Ignore internal files that have paths that end up outside the container * CVE-2026-25636: DRYer * CVE-2026-25731: ZIP Output: Change the template engine used for HTML templating from templite to Mustache, for greater safety and performance. Note that this is a breaking change if you use custom templates with ZIP output. * Use pystache instead of templite to fix CVE-2026-25731 * Add NEWS about CVE-2026-25731 fix * CVE-2026-26064: ODT Input: Ensure images are extracted within container * CVE-2026-26065: PDB Input: Ensure extracted images are within the container * CVE-2026-27810: Content server: Sanitize content disposition received as query parameter * CVE-2026-27824: Content server: When banning IPs for repeated login is enabled, only use the IP address not any HTTP headers as the ban key Checksums-Sha1: 34246dc450d3f9a3a0cc4579b1bed1ba9ef2a5ac 4897220 calibre-bin-dbgsym_8.5.0+ds-1+deb13u2_armhf.deb 00bf74c1d7bdf5896d3ba7d1609ad59bfc376f44 760724 calibre-bin_8.5.0+ds-1+deb13u2_armhf.deb 3200c7089fd1f20193156ca4a14ef5efc3f7dd0c 23915 calibre_8.5.0+ds-1+deb13u2_armhf-buildd.buildinfo Checksums-Sha256: 794550d8149efbd019b65f102ac801215c2abcae81a3f71cb6d85e9547b7c5a0 4897220 calibre-bin-dbgsym_8.5.0+ds-1+deb13u2_armhf.deb 8852498d2b0f9d83ab048a96c611cbf7b1fe03720cb7e578dc8dc98b4e674a2d 760724 calibre-bin_8.5.0+ds-1+deb13u2_armhf.deb 169c0c53a52dabc303666df9a02e3125fa40e5b6fa8e35e6c3b9cb5007de2bd1 23915 calibre_8.5.0+ds-1+deb13u2_armhf-buildd.buildinfo Files: d75984fd47d4592a382dec4d055553e9 4897220 debug optional calibre-bin-dbgsym_8.5.0+ds-1+deb13u2_armhf.deb 04e055ed17330bec6685bd142aab8718 760724 text optional calibre-bin_8.5.0+ds-1+deb13u2_armhf.deb fd3a102487acbbdf6ac9284395111c8e 23915 text optional calibre_8.5.0+ds-1+deb13u2_armhf-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEiIG3Q3DxwDgRKKeyLRECdjCZQkcFAmn2epsACgkQLRECdjCZ QkcL6w/+LvJlcLWOGi3uyL1822ZdmPY5TEGL5P6uJoaXFgH2MMCHhVkBirOaC1ur xZeB7Bd5TmkMsqgnUTY7fukWJU0nr9mKGLtrUQ2/fna3BsLW2tpWq/3H1mBs7pkN GFn4sMCxTr49nCX5cPiBFt/6EU4ln266k+LPJKAhgjJqG1LACZjfI/Cj/B76dZH7 JHhH7YRpwr9IfMg/wqfJe5E0v8rHDnbzwGyQ2348VNsuCwFUBYaqUzfuqVYf2Jn0 YkLzlhrwN6rZ00h12vAfX5CoNx4aFfC/GV5fJbCEEBSthjtdp5X+j+nY7aT5giKY GKmtMIWyynlvpbON/s9YDmEAPARcP31L+s5XFOBtGfr9RGx4Fg008Y4zRYaxOStG KswwGaLkyv8/eAepaHENiNBXqcLT6ywpqAiP25JAtG/wDvKqp/OVlDVY0UmUtiCq 7JbMAjT0UuKhRzCkIGjsA2jWsrwcuAB7Ipi8Pa3k8T8oDk6e9w+Fb8v8sfVq3wlp CPYXWk12uUFmOtu9ak8nvJTzyvyTug3M4aYmnIT7+OOpfCMI+Sz/u1O9Au5d3dEH y6Yf1tmW3RWGQgF1UkM1MKZXYPSU8OPodPhKizU4i0x9cdvyQlEo5S1qqpIdK17+ 3DIjfw4OA5A70uo2XEcFjdeJ93HjSFUn7cGapAfQfEGx3DXewF0= =Em3t -----END PGP SIGNATURE-----