Re: calibre / CVE-2018-7889

To: Antoine Beaupré <anarcat@orangeseeds.org>, Raphael Hertzog <hertzog@debian.org>
Cc: debian-lts@lists.debian.org
Subject: Re: calibre / CVE-2018-7889
From: Brian May <bam@debian.org>
Date: Mon, 16 Apr 2018 17:18:08 +1000
Message-id: <[🔎] 87r2nfaabz.fsf@silverfish.pri>
In-reply-to: <[🔎] 87tvsbaam4.fsf@silverfish.pri>
References: <[🔎] 87woxfbjvp.fsf@silverfish.pri> <[🔎] 87in8x326u.fsf@curie.anarc.at> <[🔎] 20180412081725.GB30420@home.ouaza.com> <[🔎] 87a7u83alh.fsf@curie.anarc.at> <[🔎] 87tvsbaam4.fsf@silverfish.pri>

Brian May <bam@debian.org> writes:

> Antoine: Do you think any of the changes to
> src/pyj/book_list/edit_metadata.pyj are required for the security fix? I
> am struggling to understand how these changes relate to the rest of the
> pull request.

Also not really conviced the change to code.py, which appears to sort
something, is really required.

Neither code.py or edit_metadata.pyj exist in wheezy.

The remaining file, bookmarkmanager.py fails to apply any hunks, but
might be possible to apply some bits manually.
-- 
Brian May <bam@debian.org>

Reply to:

Follow-Ups:
- Re: calibre / CVE-2018-7889
  - From: Brian May <bam@debian.org>

References:
- calibre / CVE-2018-7889
  - From: Brian May <bam@debian.org>
- Re: calibre / CVE-2018-7889
  - From: Antoine Beaupré <anarcat@orangeseeds.org>
- Re: calibre / CVE-2018-7889
  - From: Raphael Hertzog <hertzog@debian.org>
- Re: calibre / CVE-2018-7889
  - From: Antoine Beaupré <anarcat@orangeseeds.org>
- Re: calibre / CVE-2018-7889
  - From: Brian May <bam@debian.org>

Prev by Date: Re: calibre / CVE-2018-7889
Next by Date: Re: calibre / CVE-2018-7889
Previous by thread: Re: calibre / CVE-2018-7889
Next by thread: Re: calibre / CVE-2018-7889
Index(es):
- Date
- Thread