lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 5 Nov 2011 08:10:25 +1100
From: xD 0x41 <secn3t@...il.com>
To: Laurelai <laurelai@...echan.org>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: How not to deal with a vulnerability in your
	code

I am appalled with the maker, Kovid Goyal , what a jerk... I just went
to check any of my boxes for the binary, luckily i do not suffer from
e-reader syndrome, thankfully this jerk doesnt touch the important
stuff... thats tho, typical of launchpad, they dont like bugs being
shoved up theyre provebial..
Also, today only, after the caffaful , there is still little change :S
I was going to dload it to actually test the vulns but, this maker is
just a fkn hard headed mofo !!!

look at his list of bugfixes, in here he addresses some shitty DoS , i
do not see his latest updates of fixes but, they maybe posted
earlier... still, he could be adding in better security feautres, he
seems uninterested...

New Features
    Kobo: Add support for fetching annotations from the kobo reader.

    Right click the send to device button in calibre with your kobo
connected and choose fetch annotations. The annotations are placed
into the comments of the corresponding books in the calibre library.
This feature is still experimental.
    Preserve the set of selected books in the library view when a
device is connected, fixing a long standing annoyance

Bug Fixes
    Prevent changing of device metadata management option while a
device is connected.

    Closes tickets: 874118 [External link]
    Book details panel: Show tooltip only when hovering over cover,
not the rest of the book information, as it makes it hard to read.

    Closes tickets: 876454 [External link]
    MOBI Output: Fix use of list elements as link anchors caused links
to always point to start of list.

    Closes tickets: 879391 [External link]
    RB Output: Fix calibre generated rb files not being opened by the
RocketBook.

    Closes tickets: 880930 [External link]
    FB2 Input: Dont choke on FB2 files that have empty embedded content tags.

    Closes tickets: 880904 [External link]
    ODT Input: CSS rationalization should not fail with non ascii class names
    Fix creating new library using the copy structure option
incorrectly setting all text type columns to be like the tags column
    E-book viewer: Don't choke on windows installs with a non UTF-8
filesystem encoding.

    Closes tickets: 879740 [External link]

This coupled with the leet python downloader, tells me to stayyyy away :)
Only fuzz at a distance ;P~~

And for that kerkwad Anton, here, "lol rofl omfg lol!"
cheers.
xd




On 4 November 2011 14:45, Laurelai <laurelai@...echan.org> wrote:
> https://bugs.launchpad.net/calibre/+bug/885027
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ