[ANN] EpubCheck 4.0.2

41 views
Skip to first unread message

Romain

unread,
Dec 13, 2016, 7:03:04 AM12/13/16
to epub-work...@googlegroups.com, epub...@googlegroups.com
EpubCheck v4.0.2 is now available on GitHub:

https://github.com/IDPF/epubcheck/releases/tag/v4.0.2

This version includes a fix for a **critical security vulnerability** (CVE-2016-9487) which may, under some circumstances, enable a remote attacker to access arbitrary files on the system where EpubCheck is running.

**Important**: All users should update to EpubCheck 4.0.2 as soon as possible.


Other enhancements include:

- Enhanced XML report output
- New method Archive.createArchive(File) to specify file paths when using this in 3rd party tools

And bug fixes:

- Fix for critical vulnerability CVE-2016-9487
- Fix for unclosed ImageInputStreams on image file validation
- Clarify ACC-009 message: 'alt' -> 'alttext' attribute
- Make BitmapChecker.ImageHeuristics a public object
- Bugfix for false positive error messages due to locale settings


The details in the list of issues closed since the last public release is available at:

https://github.com/IDPF/epubcheck/issues?utf8=%E2%9C%93&q=+milestone%3A4.0.2

Special thanks to Craig Arendt (@craig_arendt) for having identified the vulnerability and disclosed it privately to EpubCheck's team!

Thanks also to Tobias Fisher, Thomas Ledoux, and other contributors or bug reporters!

Best,
Romain.
--
Romain Deltour – @rdeltour
Software and standards development
The DAISY Consortium
http://www.daisy.org

Ori Idan

unread,
Dec 13, 2016, 7:17:11 AM12/13/16
to epub...@googlegroups.com, Epub working group
Thank you for the announcement.
Does this version support metadata of EPUB3.1 especially role attribute of dc:contributor?


-- 
Ori Idan CEO Helicon Books





--
You received this message because you are subscribed to the Google Groups "epubcheck" group.
To unsubscribe from this group and stop receiving emails from it, send an email to epubcheck+unsubscribe@googlegroups.com.
To post to this group, send email to epub...@googlegroups.com.
Visit this group at https://groups.google.com/group/epubcheck.
For more options, visit https://groups.google.com/d/optout.

Romain

unread,
Dec 13, 2016, 7:24:37 AM12/13/16
to epub-work...@googlegroups.com

On 13 Dec 2016, at 13:16, Ori Idan <o...@heliconbooks.com> wrote:

Does this version support metadata of EPUB3.1 especially role attribute of dc:contributor?

EpubCheck v4.0.2 does not include any change related to EPUB 3.1.

That would come in a future version, ETA depending on development resources.

Romain.

Reply all
Reply to author
Forward
0 new messages