Format: 1.8
Date: Mon, 25 May 2026 08:19:53 +0900
Source: calibre
Binary: calibre-bin calibre-bin-dbgsym
Architecture: amd64
Version: 8.5.0+ds-1+deb13u3
Distribution: trixie
Urgency: medium
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01)
Changed-By: YOKOTA Hiroshi
Description:
 calibre-bin - powerful and easy to use e-book manager (binary plugins)
Closes: 1135543
Changes:
 calibre (8.5.0+ds-1+deb13u3) trixie; urgency=medium
 .
   * Fix security vulnerabilities and code quality issues (Closes: #1135543)
   * CVE-2026-30853: RB Input: Ensure files are extracted within container dir
   * CVE-2026-33205 (1/2): E-book viewer: prevent reading background images
     from outside the config dir
   * CVE-2026-33205 (2/2): E-book viewer: Disallow background images from the
     internet. This was an unused feature anyway
   * CVE-2026-33206: TXT Input: Ensure resource files are read only from book
     contents