I have uploaded these fixes (for Xenial and Trusty) to a fresh test PPA of mine with all architectures switched on and only the security repo enabled. I then tested both in VMs of each release, and they work as intended. It also fixes the security issue.
Security Team, feel free to copy my packages to your PPA: https://launchpad.net/~tsimonq2/+archive/ubuntu/security-test-builds/+sourcepub/8878700/+listing-archive-extra https://launchpad.net/~tsimonq2/+archive/ubuntu/security-test-builds/+sourcepub/8878706/+listing-archive-extra The diffs for each are on that page if you would like to do it manually. Please sponsor each to go into Ubuntu. Thanks. ** Changed in: calibre (Ubuntu Trusty) Status: New => In Progress ** Changed in: calibre (Ubuntu Xenial) Status: New => In Progress -- You received this bug notification because you are a member of Edubuntu Bugsquad, which is subscribed to calibre in Ubuntu. https://bugs.launchpad.net/bugs/1758699 Title: [CVE] JavaScript in a book can access local files using XMLHttpRequest To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/calibre/+bug/1758699/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~edubuntu-bugs Post to : edubuntu-bugs@lists.launchpad.net Unsubscribe : https://launchpad.net/~edubuntu-bugs More help : https://help.launchpad.net/ListHelp
