[ANN] EpubCheck 4.0.2

Skip to first unread message


Dec 13, 2016, 7:03:04 AM12/13/16
to epub-work...@googlegroups.com, epub...@googlegroups.com
EpubCheck v4.0.2 is now available on GitHub:


This version includes a fix for a **critical security vulnerability** (CVE-2016-9487) which may, under some circumstances, enable a remote attacker to access arbitrary files on the system where EpubCheck is running.

**Important**: All users should update to EpubCheck 4.0.2 as soon as possible.

Other enhancements include:

- Enhanced XML report output
- New method Archive.createArchive(File) to specify file paths when using this in 3rd party tools

And bug fixes:

- Fix for critical vulnerability CVE-2016-9487
- Fix for unclosed ImageInputStreams on image file validation
- Clarify ACC-009 message: 'alt' -> 'alttext' attribute
- Make BitmapChecker.ImageHeuristics a public object
- Bugfix for false positive error messages due to locale settings

The details in the list of issues closed since the last public release is available at:


Special thanks to Craig Arendt (@craig_arendt) for having identified the vulnerability and disclosed it privately to EpubCheck's team!

Thanks also to Tobias Fisher, Thomas Ledoux, and other contributors or bug reporters!

Romain Deltour – @rdeltour
Software and standards development
The DAISY Consortium

Ori Idan

Dec 13, 2016, 7:17:11 AM12/13/16
to epub...@googlegroups.com, Epub working group
Thank you for the announcement.
Does this version support metadata of EPUB3.1 especially role attribute of dc:contributor?

Ori Idan CEO Helicon Books

You received this message because you are subscribed to the Google Groups "epubcheck" group.
To unsubscribe from this group and stop receiving emails from it, send an email to epubcheck+unsubscribe@googlegroups.com.
To post to this group, send email to epub...@googlegroups.com.
Visit this group at https://groups.google.com/group/epubcheck.
For more options, visit https://groups.google.com/d/optout.


Dec 13, 2016, 7:24:37 AM12/13/16
to epub-work...@googlegroups.com

On 13 Dec 2016, at 13:16, Ori Idan <o...@heliconbooks.com> wrote:

Does this version support metadata of EPUB3.1 especially role attribute of dc:contributor?

EpubCheck v4.0.2 does not include any change related to EPUB 3.1.

That would come in a future version, ETA depending on development resources.


Reply all
Reply to author
0 new messages