ALT-PU-2021-4577-1
Package calibre updated to version 5.33.2-alt1 for branch sisyphus_mipsel.
Closed vulnerabilities
Published: 2021-12-07
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-44686
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py.
Severity: MEDIUM (5.0)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- https://bugs.launchpad.net/calibre/+bug/1951979
- https://github.com/dwisiswant0/advisory/issues/18
- https://github.com/kovidgoyal/calibre/compare/v5.31.1...v5.32.0
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7QKFPYJ23KG6WJ5NIYAM4N2NWZCLQGL/
- https://bugs.launchpad.net/calibre/+bug/1951979
- https://github.com/dwisiswant0/advisory/issues/18
- https://github.com/kovidgoyal/calibre/compare/v5.31.1...v5.32.0
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7QKFPYJ23KG6WJ5NIYAM4N2NWZCLQGL/