Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: How not to deal with a vulnerability in your code
From: xD 0x41 <secn3t () gmail com>
Date: Sat, 5 Nov 2011 08:10:25 +1100

I am appalled with the maker, Kovid Goyal , what a jerk... I just went
to check any of my boxes for the binary, luckily i do not suffer from
e-reader syndrome, thankfully this jerk doesnt touch the important
stuff... thats tho, typical of launchpad, they dont like bugs being
shoved up theyre provebial..
Also, today only, after the caffaful , there is still little change :S
I was going to dload it to actually test the vulns but, this maker is
just a fkn hard headed mofo !!!

look at his list of bugfixes, in here he addresses some shitty DoS , i
do not see his latest updates of fixes but, they maybe posted
earlier... still, he could be adding in better security feautres, he
seems uninterested...

New Features
    Kobo: Add support for fetching annotations from the kobo reader.

    Right click the send to device button in calibre with your kobo
connected and choose fetch annotations. The annotations are placed
into the comments of the corresponding books in the calibre library.
This feature is still experimental.
    Preserve the set of selected books in the library view when a
device is connected, fixing a long standing annoyance

Bug Fixes
    Prevent changing of device metadata management option while a
device is connected.

    Closes tickets: 874118 [External link]
    Book details panel: Show tooltip only when hovering over cover,
not the rest of the book information, as it makes it hard to read.

    Closes tickets: 876454 [External link]
    MOBI Output: Fix use of list elements as link anchors caused links
to always point to start of list.

    Closes tickets: 879391 [External link]
    RB Output: Fix calibre generated rb files not being opened by the
RocketBook.

    Closes tickets: 880930 [External link]
    FB2 Input: Dont choke on FB2 files that have empty embedded content tags.

    Closes tickets: 880904 [External link]
    ODT Input: CSS rationalization should not fail with non ascii class names
    Fix creating new library using the copy structure option
incorrectly setting all text type columns to be like the tags column
    E-book viewer: Don't choke on windows installs with a non UTF-8
filesystem encoding.

    Closes tickets: 879740 [External link]

This coupled with the leet python downloader, tells me to stayyyy away :)
Only fuzz at a distance ;P~~

And for that kerkwad Anton, here, "lol rofl omfg lol!"
cheers.
xd




On 4 November 2011 14:45, Laurelai <laurelai () oneechan org> wrote:
https://bugs.launchpad.net/calibre/+bug/885027

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]