-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 25 May 2026 08:19:53 +0900
Source: calibre
Binary: calibre-bin calibre-bin-dbgsym
Architecture: armhf
Version: 8.5.0+ds-1+deb13u3
Distribution: trixie
Urgency: medium
Maintainer: armhf Build Daemon (arm-ubc-06) <buildd_arm64-arm-ubc-06@buildd.debian.org>
Changed-By: YOKOTA Hiroshi <yokota.hgml@gmail.com>
Description:
 calibre-bin - powerful and easy to use e-book manager (binary plugins)
Closes: 1135543
Changes:
 calibre (8.5.0+ds-1+deb13u3) trixie; urgency=medium
 .
   * Fix security vulnerabilities and code quality issues (Closes: #1135543)
   * CVE-2026-30853: RB Input: Ensure files are extracted within container
     dir
   * CVE-2026-33205 (1/2): E-book viewer: prevent reading background images
     from outside the config dir
   * CVE-2026-33205 (2/2): E-book viewer: Disallow background images from
     the internet. This was an unused feature anyway
   * CVE-2026-33206: TXT Input: Ensure resource files are read only from
     book contents
Checksums-Sha1:
 5cdfee4e9e237ce4693e9c9340b5ab1d37ac2119 4897108 calibre-bin-dbgsym_8.5.0+ds-1+deb13u3_armhf.deb
 639a22afbe70faf376557d64fda60e70e9aab80a 763476 calibre-bin_8.5.0+ds-1+deb13u3_armhf.deb
 4ac02abdefe37443172bc47ad39fa564c3f9e7d9 24072 calibre_8.5.0+ds-1+deb13u3_armhf-buildd.buildinfo
Checksums-Sha256:
 fc9051f9391b30bf92a0282632299c8c926855d90d75bc9817fd2bf93232f777 4897108 calibre-bin-dbgsym_8.5.0+ds-1+deb13u3_armhf.deb
 5f581c3b53d1a50d604c4f688afff5519cad16d328491339eb376489d04c501a 763476 calibre-bin_8.5.0+ds-1+deb13u3_armhf.deb
 406b4edaa3802c7dc8639e57c1b002568b9bf1189cf0d3315ee4f3d9c25b6a28 24072 calibre_8.5.0+ds-1+deb13u3_armhf-buildd.buildinfo
Files:
 80915bc94b2217144731183554ca32a5 4897108 debug optional calibre-bin-dbgsym_8.5.0+ds-1+deb13u3_armhf.deb
 6b68ef3b8cf1a1ed33b053fdf2c5c167 763476 text optional calibre-bin_8.5.0+ds-1+deb13u3_armhf.deb
 401e6dcc1e0da7c53b9febac1bbcf07e 24072 text optional calibre_8.5.0+ds-1+deb13u3_armhf-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEBOUsBrtd5lcy6oRfutMAkCxKbL0FAmofMIoACgkQutMAkCxK
bL1N2BAAtkBCNEXRbjXFTxWUIM27RFNMT8MBYnlwe2lu5lbShqBMIh/TnTPOob2p
4KPKQgAKQBrWnuzc8JFhBKzlp6efci42PjbCcFcRmdSrLHDxplmrrBujB3O9jceI
9D9yvNS8SSJ9s+VJbar7nyz1vxihoVYcaHF3FtPDZ3wanio88cFbn7l2rrqKjh01
AX/zCNsxyDHyoCMWjIkX8BCiBFB89M+9kZzVrImyh/fcddfx12Iv/5R9AfzNc2GQ
0qC7IlYQp2A6pRyMLeik4WpVSftivDXnHZt/mvKhJSHrDKrUZTZF6hWIFrKeCflz
Y31WQiWkjBQdkHZjM6GLxUWc9k8dNXOx7svulNCtw7NUryqAc28VooMeN5VjZhwy
CffoppfUFM0FPtelGYwqCvUurrWSWATk4HaDmIUCpwgGE6nDzJIl5Ep/BydSn9cq
nCmko8rZV2+YAD2A+/pdyMNFGi3YeqN4ib5ph7lD+LamoCOrMRZqD1+8tKJeDWiq
6KCS2l0FEhvAuNDWw1ZAzkuHexVPfJ7O6tAblvxORHrOAgobwVBzSFdNQxZ9uFiK
ZvYFzlFVzs/z6Sye+WZjfC+tsHT6x6IVGAnC9a0haGxreyPtcaQtWN19yhiu5fz3
lHw52qmW/Zv+9D2ExpKdsQgrKhepqEFOCuunJOP5Y2fpDMajhWQ=
=IE/k
-----END PGP SIGNATURE-----