Debian Package Tracker

general

source: kodi (main)
version: 2:18.7+dfsg1-1
maintainer: Debian Multimedia Maintainers (archive) (DMD)
uploaders: Jonas Smedegaard [DMD]
arch: all any
std-ver: 3.9.8
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 2:17.1+dfsg1-3
stable: 2:17.6+dfsg1-4
unstable: 2:18.7+dfsg1-1

versioned links

2:17.1+dfsg1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:17.6+dfsg1-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:18.7+dfsg1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

kodi (34 bugs: 0, 23, 11, 0)
kodi-addons-dev
kodi-bin (2 bugs: 0, 2, 0, 0)
kodi-data (1 bugs: 0, 1, 0, 0)
kodi-eventclients-common
kodi-eventclients-dev
kodi-eventclients-kodi-send
kodi-eventclients-ps3 (2 bugs: 0, 2, 0, 0)
kodi-eventclients-wiiremote
kodi-gbm
kodi-repository-kodi
kodi-wayland
kodi-x11

action needed

A new upstream version is available: 18.7.1 high

A new upstream version 18.7.1 is available, you should consider packaging it.

Created: 2020-06-29 Last update: 2020-07-06 22:35

Multiarch hinter reports 6 issue(s) high

There are issues with the multiarch metadata for this package.

kodi-addons-dev conflicts on /usr/share/kodi/cmake/KodiConfig.cmake on any two of amd64, arm64, armel, armhf, and 2 more
kodi-eventclients-kodi-send could be marked Multi-Arch: foreign
kodi-repository-kodi could be marked Multi-Arch: foreign
kodi-gbm could be marked Multi-Arch: same
kodi-wayland could be marked Multi-Arch: same
kodi-x11 could be marked Multi-Arch: same

Created: 2016-09-14 Last update: 2020-07-06 21:34

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2018-8831: A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist.
CVE-2017-5982: Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e (encoded dot dot slash) in the image path, as demonstrated by image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd.

Please fix them.

Created: 2015-07-13 Last update: 2020-07-06 05:01

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.0 instead of 3.9.8).

Created: 2017-06-29 Last update: 2020-05-27 00:21

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 2-day delay is over. Check why.

Created: 2020-05-29 Last update: 2020-07-07 00:04

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2020-06-28 Last update: 2020-07-07 00:01

Depends on packages which need a new maintainer normal

The packages that kodi depends on which need a new maintainer are:

cwiid (#810992)
- Build-Depends: libcwiid-dev
- Depends: libcwiid1
enca (#953094)
- Build-Depends: libenca-dev
fstrcmp (#765334)
- Build-Depends: libfstrcmp-dev
- Depends: libfstrcmp0 libfstrcmp0 libfstrcmp0

Created: 2019-11-22 Last update: 2020-07-06 23:02

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2:18.7.1+dfsg1-1, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 9537db709896a9a3f6c71aa04f2165c4239c63f5
Author: Vasyl Gello <vasek.gello@gmail.com>
Date:   Mon Jun 29 03:52:49 2020 +0000

    debian: fix circular dependency hell
    
     * Closes: 963865
    
    Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>

commit 2087aa7804e41950264e8ea684797a96a2fc7b07
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Tue Jun 16 22:59:02 2020 +0200

    Update changelog

commit 429bc0c3d87bb6f6063fabfbc2897b867c71e27e
Merge: 00580daf cd8649a7
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Tue Jun 16 22:53:30 2020 +0200

    Update upstream source from tag 'upstream/18.7.1+dfsg1'
    
    Update to upstream version '18.7.1+dfsg1'
    with Debian dir af92b13742dde1e857c8091b7e45e87c31071f27

commit cd8649a734abdecca413dff5b57f5a3e9b31ee6e
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Tue Jun 16 22:52:52 2020 +0200

    New upstream version 18.7.1+dfsg1

commit 00580dafe32f2063dd63fbb3e764e232478b75f4
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Tue Jun 2 21:04:48 2020 +0200

    debian/README.source: Gbp now exports components properly

commit c4e23ad07dd6a1f17ea0fdd9887a112928b0423f
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Tue Jun 2 16:26:21 2020 +0200

    debian/gbp.conf: Set components

commit b19a6017d2ba13ede7ddfc7cd35e53c56b5577f1
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Tue Jun 2 15:54:54 2020 +0200

    debian/README.source: Clarify that dvdread and dvdnav are patched for Kodi

commit a94664834dfbda1b01912a248b24a36d70571ad2
Author: Adrian Bunk <bunk@debian.org>
Date:   Sat May 30 21:52:11 2020 +0200

    Don't enable SSE in i386 builds
    
    Closes: #961856

Created: 2020-05-30 Last update: 2020-07-04 16:36

AppStream hints: 1 warning normal

AppStream found metadata issues for packages:

kodi: 1 warning

You should get rid of them to provide more metadata about this software.

Created: 2020-06-01 Last update: 2020-06-01 01:13

lintian reports 15 warnings normal

Lintian reports 15 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-05-21 Last update: 2020-05-21 00:04

2 ignored security issues in buster low

There are 2 open security issues in buster.

2 issues skipped by the security teams:

CVE-2018-8831: A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist.
CVE-2017-5982: Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e (encoded dot dot slash) in the image path, as demonstrated by image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd.

Please fix them.

Created: 2018-11-22 Last update: 2020-07-06 05:01

2 ignored security issues in stretch low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2018-8831: A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist.
CVE-2017-5982: Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e (encoded dot dot slash) in the image path, as demonstrated by image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd.

Please fix them.

Created: 2016-12-04 Last update: 2020-07-06 05:01

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2018-11-18 Last update: 2020-03-22 02:31

Issues found with some translations low

Automatic checks made by the Debian l10n team found some issues with the translations contained in this package. You should check the l10n status report for more information.

Issues can be things such as missing translations, problematic translated strings, outdated PO files, unknown languages, etc.

Created: 2020-02-26 Last update: 2020-02-26 10:49

testing migrations

excuses:
- Migrates after: pillow-python2
- Migration status for kodi (- to 2:18.7+dfsg1-1): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- Updating kodi introduces new bugs: #936805, #961856
- Depends: kodi pillow-python2
- Additional info:
- Piuparts tested OK - https://piuparts.debian.org/sid/source/k/kodi.html
- Required age reduced by 3 days because of autopkgtest
- 41 days old (needed 2 days)
- Not considered

news

[rss feed]

[2020-05-26] Accepted kodi 2:18.7+dfsg1-1 (source) into unstable (Balint Reczey)
[2020-05-10] kodi REMOVED from testing (Debian testing watch)
[2020-04-03] Accepted kodi 2:18.6+dfsg1-2 (source) into unstable (Balint Reczey)
[2020-04-01] kodi 2:18.6+dfsg1-1 MIGRATED to testing (Debian testing watch)
[2020-03-21] Accepted kodi 2:18.6+dfsg1-1 (source) into unstable (Balint Reczey)
[2020-03-19] Accepted kodi 2:18.6+dfsg1-1~exp1 (source) into experimental (Balint Reczey)
[2020-03-18] Accepted kodi 2:18.6+dfsg1-1~exp0 (source) into experimental (Balint Reczey)
[2020-01-24] Accepted kodi 2:18.5+dfsg1-1~exp0 (source amd64 all) into experimental, experimental (Balint Reczey)
[2018-11-23] kodi 2:17.6+dfsg1-4 MIGRATED to testing (Debian testing watch)
[2018-11-20] Accepted kodi 2:17.6+dfsg1-4 (source) into unstable (Balint Reczey)
[2018-11-17] Accepted kodi 2:17.6+dfsg1-3 (source) into unstable (Balint Reczey)
[2018-08-20] kodi REMOVED from testing (Debian testing watch)
[2018-08-20] kodi REMOVED from testing (Debian testing watch)
[2018-05-04] kodi 2:17.6+dfsg1-2 MIGRATED to testing (Debian testing watch)
[2018-04-28] Accepted kodi 2:17.6+dfsg1-2 (source) into unstable (Balint Reczey)
[2017-12-31] kodi 2:17.6+dfsg1-1 MIGRATED to testing (Debian testing watch)
[2017-12-26] Accepted kodi 2:17.6+dfsg1-1 (source) into unstable (Balint Reczey)
[2017-10-11] Accepted kodi 2:17.3+dfsg1-5 (source) into unstable (Jonas Smedegaard)
[2017-10-10] Accepted kodi 2:17.3+dfsg1-4 (source) into unstable (Jonas Smedegaard)
[2017-10-05] Accepted kodi 2:17.3+dfsg1-3 (source amd64 all) into unstable, unstable (Jonas Smedegaard)
[2017-09-05] kodi REMOVED from testing (Debian testing watch)
[2017-07-04] kodi 2:17.3+dfsg1-2 MIGRATED to testing (Debian testing watch)
[2017-06-29] Accepted kodi 2:17.3+dfsg1-2 (source) into unstable (Balint Reczey)
[2017-06-06] Accepted kodi 16.1+dfsg1-2~bpo8+2 (source amd64 all) into jessie-backports->backports-policy, jessie-backports (Balint Reczey)
[2017-05-29] kodi 2:17.1+dfsg1-3 MIGRATED to testing (Debian testing watch)
[2017-05-27] Accepted kodi 2:17.3+dfsg1-1 (source) into experimental (Balint Reczey)
[2017-05-27] Accepted kodi 2:17.1+dfsg1-3 (source) into unstable (Balint Reczey)
[2017-04-19] kodi 2:17.1+dfsg1-2 MIGRATED to testing (Debian testing watch)
[2017-04-13] Accepted kodi 2:17.1+dfsg1-2 (source) into unstable (Balint Reczey)
[2017-04-02] Accepted kodi 2:17.1+dfsg1-1 (source) into experimental (Balint Reczey)

bugs [bug history graph]

all: 48
RC: 1
I&N: 31
M&W: 15
F&P: 1
patch: 1

links

homepage
lintian (0, 15)
buildd: logs, checks, clang, cross
popcon
browse source code
edit tags
security tracker
screenshots
l10n (-, 98)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2:18.7+dfsg1-1ubuntu2
26 bugs (1 patch)
patches for 2:18.7+dfsg1-1ubuntu2