[Git][security-tracker-team/security-tracker][master] Add new calibre issues

Salvatore Bonaccorso (@carnil) Sat, 07 Feb 2026 01:03:15 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f59826c1 by Salvatore Bonaccorso at 2026-02-07T10:02:38+01:00
Add new calibre issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -67,15 +67,21 @@ CVE-2026-25749 (Vim is an open source, command line text 
editor. Prior to versio
 CVE-2026-25732 (NiceGUI is a Python-based UI framework. Prior to 3.7.0, 
NiceGUI's File ...)
        NOT-FOR-US: NiceGUI
 CVE-2026-25731 (calibre is an e-book manager. Prior to 9.2.0, a Server-Side 
Template I ...)
-       TODO: check
+       - calibre 9.2.0+ds+~0.10.5-1
+       NOTE: 
https://github.com/kovidgoyal/calibre/security/advisories/GHSA-xrh9-w7qx-3gcc
+       NOTE: Fixed by: 
https://github.com/kovidgoyal/calibre/commit/f0649b27512e987b95fcab2e1e0a3bcdafc23379
 (v9.2.0)
 CVE-2026-25729 (DeepAudit is a multi-agent system for code vulnerability 
discovery. In ...)
        NOT-FOR-US: DeepAudit
 CVE-2026-25644 (DataHub is an open-source metadata platform. Prior to version 
1.3.1.8, ...)
        NOT-FOR-US: DataHub
 CVE-2026-25636 (calibre is an e-book manager. In 9.1.0 and earlier, a path 
traversal v ...)
-       TODO: check
+       - calibre 9.2.0+ds+~0.10.5-1
+       NOTE: 
https://github.com/kovidgoyal/calibre/security/advisories/GHSA-8r26-m7j5-hm29
+       NOTE: Fixed by: 
https://github.com/kovidgoyal/calibre/commit/9484ea82c6ab226c18e6ca5aa000fa16de598726
 (v9.2.0)
 CVE-2026-25635 (calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM 
reader con ...)
-       TODO: check
+       - calibre 9.2.0+ds+~0.10.5-1
+       NOTE: 
https://github.com/kovidgoyal/calibre/security/advisories/GHSA-32vh-whvh-9fxr
+       NOTE: Fixed by: 
https://github.com/kovidgoyal/calibre/commit/9739232fcb029ac15dfe52ccd4fdb4a07ebb6ce9
 (v9.2.0)
 CVE-2026-25634 (iccDEV provides a set of libraries and tools that allow for 
the intera ...)
        NOT-FOR-US: iccDEV
 CVE-2026-25632 (EPyT-Flow is a Python package designed for the easy generation 
of hydr ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f59826c1fee28d8a6da1f43b6aab0a244d9f3ab0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f59826c1fee28d8a6da1f43b6aab0a244d9f3ab0
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Add new calibre issues

Reply via email to