-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 01 Mar 2026 16:14:12 +0900
Source: calibre
Binary: calibre
Architecture: all
Version: 6.13.0+repack-2+deb12u6
Distribution: bookworm
Urgency: medium
Maintainer: all / amd64 / i386 Build Daemon (x86-grnet-03) <buildd_amd64-x86-grnet-03@buildd.debian.org>
Changed-By: YOKOTA Hiroshi <yokota.hgml@gmail.com>
Description:
 calibre    - powerful and easy to use e-book manager
Changes:
 calibre (6.13.0+repack-2+deb12u6) bookworm; urgency=medium
 .
   * CVE-2026-25635: CHM Input: Ignore internal files that have paths that
     end up outside the container
   * CVE-2026-25636: DRYer
   * CVE-2026-25731: ZIP Output: Change the template engine used for HTML
     templating from templite to Mustache, for greater safety and
     performance. Note that this is a breaking change if you use custom
     templates with ZIP output.
   * Use pystache instead of templite to fix CVE-2026-25731
   * Add NEWS about CVE-2026-25731 fix
   * CVE-2026-26064: ODT Input: Ensure images are extracted within
     container
   * CVE-2026-26065: PDB Input: Ensure extracted images are within the
     container
   * CVE-2026-27810: Content server: Sanitize content disposition received
     as query parameter
   * CVE-2026-27824: Content server: When banning IPs for repeated login is
     enabled, only use the IP address not any HTTP headers as the ban key
Checksums-Sha1:
 8892fb2d8549ab57837ecf00a971ffb292c863f9 17845 calibre_6.13.0+repack-2+deb12u6_all-buildd.buildinfo
 68c272b51a7c0631e48470c0a82eb146c1217cac 28871976 calibre_6.13.0+repack-2+deb12u6_all.deb
Checksums-Sha256:
 89fa77ed873c43c25ccffb293309d390bd0f2878e19847ba924d57f003317213 17845 calibre_6.13.0+repack-2+deb12u6_all-buildd.buildinfo
 e389d10755628643d003f2dfaf384f570cbd5b58221ed8a546c57337fe3463f4 28871976 calibre_6.13.0+repack-2+deb12u6_all.deb
Files:
 6c8afd2ce33c6f0020d24ba5c7c082ce 17845 text optional calibre_6.13.0+repack-2+deb12u6_all-buildd.buildinfo
 aa958f04c4d6c9359f65d1ff10553adf 28871976 text optional calibre_6.13.0+repack-2+deb12u6_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE5ZI1lXv5WjhHIVjsN8Ugyu9dQiQFAmn2dVkACgkQN8Ugyu9d
QiQ2gw/8D2MoQ9cBQoYB1oDHM14UYHlG6UhxzFXzx20UlvZYBCpdAEwu08ut2wDi
syq/V/hP1M0ijCnXmb+SADVveDUdX6FxiuNVgeYYaXoYtXEDfBAAGaD/c2zSQijy
2/SJWbCEwTP/+KfwOEhgpDJ/lTSJpR+CMVE9LRCk4c3goqTfOzQOIyVxHTGiLRMN
YUeUHIlDox+UIUkca7Y/z94igebgzYb1lT3ohruSBH3ymxAO3lGVu7fdJYeNpr46
LGWYV9xwytsbQWJ4E1SM8E1Xngx86x6Vi7eKP1CKSwF4Q9d8lLvZPWMD02HOf1sr
70kG36Y3CFrAjMzQJn7b6ThIUff5qo83qw/CWHJ/7xHnSXoFYmsbIKocZrSDDVfT
AztYE3nXFjalpf5ahKMZxt5uk2UFLiAoRQ5aVDxf+v2tKKUta5WHjhKxIOlhpnP0
h1dvkUKMYgYJRudw/SAho0YqmotflVK9kaAgToXMDSXj8NJeBEAPdyhj+bvDetD0
e9Ks7OzIRF7jnVn69Hs18vKU1E/0ApmzuExKN722rmY/9ebU+ihv/6/ZJN7MZvcU
zYhAg5c/CV3oAbQrBwfLcG2XsFW9yEK1pqLSBcl9fmEGj2TBZvY/1ouOGJBzkg9D
E5evl431cBB7Yylf5InR+sWviY/0BTuPcT91TAoxKPVUZJ6Vv+Q=
=yOg+
-----END PGP SIGNATURE-----