Re: calibre / CVE-2018-7889
Antoine Beaupré <anarcat@orangeseeds.org> writes:
> But you're right, maybe we can just patch that out for now. It just
> seems the version in calibre is really, really old and I doubt anyone is
> actually using it. But I could be wrong!
I am looking at this now. https://github.com/kovidgoyal/calibre/commit/aeb5b036a0bf657951756688b3c72bd68b6e4a7d
Antoine: Do you think any of the changes to
src/pyj/book_list/edit_metadata.pyj are required for the security fix? I
am struggling to understand how these changes relate to the rest of the
pull request.
--
Brian May <bam@debian.org>
Reply to: