Debian Package Tracker

general

source: kodi (main)
version: 2:17.6+dfsg1-4
maintainer: Debian Multimedia Maintainers (archive) (DMD)
uploaders: Jonas Smedegaard [DMD] – Balint Reczey [DMD]
arch: all any
std-ver: 3.9.8
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 2:17.1+dfsg1-3
stable: 2:17.6+dfsg1-4
testing: 2:17.6+dfsg1-4
unstable: 2:17.6+dfsg1-4

versioned links

2:17.1+dfsg1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:17.6+dfsg1-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

kodi (33 bugs: 0, 22, 11, 0)
kodi-addons-dev
kodi-bin (1 bugs: 0, 1, 0, 0)
kodi-data
kodi-eventclients-common
kodi-eventclients-dev
kodi-eventclients-kodi-send
kodi-eventclients-ps3
kodi-eventclients-wiiremote
kodi-repository-kodi

action needed

Marked for autoremoval on 15 February due to cwiid: #936358, #942981 high

Version 2:17.6+dfsg1-4 of kodi is marked for autoremoval from testing on Sat 15 Feb 2020. It depends (transitively) on cwiid, affected by #936358, #942981. You should try to prevent the removal by fixing these RC bugs.

Created: 2020-01-16 Last update: 2020-01-23 09:35

A new upstream version is available: 18.5 high

A new upstream version 18.5 is available, you should consider packaging it.

Created: 2018-08-23 Last update: 2020-01-23 04:30

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.0 instead of 3.9.8).

Created: 2017-06-29 Last update: 2020-01-21 05:06

2 security issues in bullseye high

There are 2 open security issues in bullseye.

2 important issues:

CVE-2018-8831: A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist.
CVE-2017-5982: Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e (encoded dot dot slash) in the image path, as demonstrated by image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd.

Please fix them.

Created: 2019-07-07 Last update: 2020-01-17 14:04

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2018-8831: A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist.
CVE-2017-5982: Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e (encoded dot dot slash) in the image path, as demonstrated by image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd.

Please fix them.

Created: 2015-07-13 Last update: 2020-01-17 14:04

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2019-04-01 Last update: 2020-01-23 09:31

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2018-11-22 Last update: 2020-01-23 08:13

Depends on packages which need a new maintainer normal

The packages that kodi depends on which need a new maintainer are:

cwiid (#810992)
- Build-Depends: libcwiid-dev
- Depends: libcwiid1
libcdio (#881719)
- Build-Depends: libcdio-dev libiso9660-dev
- Depends: libcdio18

Created: 2019-11-22 Last update: 2020-01-23 06:37

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2:18.5+dfsg1-1~exp0, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 65e874e5fedf8e6909ecbe3a091593719e0fc28c
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Tue Jan 21 12:50:04 2020 +0100

    Build-depend on libgnutls28-dev and not on libgnutls-dev
    
    Gbp-Dch: Ignore

commit f53d59286c76045625c9a812ffdb6198dc82072c
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Tue Jan 21 15:49:00 2020 +0100

    Reopen changelog

commit 6d380eea2cfb15359d1ebfa19bbce9987659f33f
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Jan 20 21:50:55 2020 +0100

    Update changelog

commit df31f25bc184c5bfea56c3ee2d926459acee6795
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Jan 19 21:04:32 2020 +0100

    debian/rules: Adjust to new component names

commit 19d9ced51f269936b2b1899e9485ff05c9587f94
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Jan 19 20:45:23 2020 +0100

    Refresh patches

commit 6f6ca7049534f82afb6d22700812e5ad706762c2
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Jan 19 20:41:11 2020 +0100

    Update changelog

commit b9fc04608bb6c8cc903014e8090d3b8a7c702cda
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Jan 19 20:38:19 2020 +0100

    debian/gbp.conf: Drop postexport hook
    
    It is obsoleted by storing all components in git.

commit 9c443ea6f5caea7baea36837aa3b4dd7477f0d54
Merge: c83651e6 05f99f00
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Jan 19 20:36:41 2020 +0100

    Update upstream source from tag 'upstream/18.5+dfsg1'
    
    Update to upstream version '18.5+dfsg1'
    with Debian dir 2bfda5f8748b2880c97451a0b2723fb54bcafe6a

commit 05f99f0016bd12a4489b79f366b85a736b2c208e
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Jan 19 20:36:05 2020 +0100

    New upstream version 18.5+dfsg1

commit c83651e6bf5b48aba157442927e4868f85130ab4
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Fri Jan 17 23:42:36 2020 +0100

    debian/rules: clean media/Fonts/arial.ttf, too

commit 89347bc83a78cc000709866d87cdf99690c0441f
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Fri Jan 17 17:08:40 2020 +0100

    Work around FTBFS caused by fontforge SEGFAULT

commit f26dda2055e8888d91fabe143d56e6ec69ba7867
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Dec 29 14:44:29 2019 +0100

    debian/gitlab-ci.yml: Simplify Salsa CI configuration

commit 44a0a0b08aae7c7fb76381a240df14fdd88bd2f9
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Nov 3 20:00:36 2019 +0100

    Remove myself from Uploaders

commit 028e5ac4b8fea72a31cfaac1b488b814838d05d1
Author: Ondřej Nový <onovy@debian.org>
Date:   Fri Oct 18 16:54:59 2019 +0200

    d/changelog: Deduplicate entries

commit 584368a302cef3abe44c808f2554b65b5a8827a8
Author: Jonas Smedegaard <dr@jones.dk>
Date:   Sat Aug 24 12:54:18 2019 +0200

    Drop licensing notes from README.source: Better suited as Comment: fields in debian/copyright, and arguably obsoleted by major refactoring of said file in 2017.

commit 30ac3a541b445ce8c4eb8121aceae72b076550f3
Author: Ondřej Nový <onovy@debian.org>
Date:   Sat Jul 20 01:07:47 2019 +0200

    Use debhelper-compat instead of debian/compat

commit 386279ea3ed37ebe157019a7aadabb5fa891403c
Author: Rechi <Rechi@users.noreply.github.com>
Date:   Tue Feb 26 09:59:11 2019 +0100

    debian/rules: exclude kodi-(gbm|wayland)_ from debian/files

commit 0a2f0421f52845d4ccbf934935d97dcf756f1074
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Mar 3 14:21:28 2019 +0100

    Refresh libdvdread patches

commit 110828b20f5a9fc3ddeb3a25ca1c43e34e46f66b
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Mar 3 14:19:01 2019 +0100

    Update additional libdvdread tarball to 6.0.1

commit 211d55a95a1a0bfdd99fd674cd09a087aa4517ae
Author: Rechi <Rechi@users.noreply.github.com>
Date:   Tue Feb 26 09:59:11 2019 +0100

    dh_kodiaddon_depends

commit 0440390b6a63d329224b5623736ff210b13429bb
Author: Rechi <Rechi@users.noreply.github.com>
Date:   Tue Feb 26 09:59:11 2019 +0100

    install all addon headers

commit ad87848a37c33ab6c76bda92080eb7a3f239e883
Author: Rechi <Rechi@users.noreply.github.com>
Date:   Tue Feb 26 09:59:11 2019 +0100

    fix intalling arch independent packages

commit b90f0d5e33f753191997fab9e27b3925713ae3ea
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Mar 3 13:36:39 2019 +0100

    Update changelog

commit b08815681f5eb9c26d58ac5798a64549a249f0f4
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Tue Feb 26 09:20:51 2019 +0100

    Fix hashing with Libgcrypt

commit dc9b2fd087dc326f83c824b2022f5028dddd83fd
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Feb 24 19:37:41 2019 +0100

    Refresh file list shipped by kodi-addons-dev

commit 55d36cc265aa617797dd87c7de982cd48a8b0c16
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Feb 24 14:11:52 2019 +0100

    Fix dh_kodiaddon_depends to get API versions the new way

commit 922cecaf9094041232dc53556f710fbf839f480a
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Feb 24 07:32:27 2019 +0100

    Fix FTBFS of kodi-test by not including excluded Windows-only header

commit e65b16eb16a48d687c2c223778281260a01bbb7e
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sat Feb 23 20:10:39 2019 +0100

    debian/rules: Clean up separate build directories

commit e03bb402ed8ae3b403846f776cba41be03305101
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sat Feb 23 20:10:20 2019 +0100

    Fix linking with Libgcrypt

commit 3ed00f5fdd8e6876baab19e8521bdaa7e0beda40
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sat Feb 23 15:13:00 2019 +0100

    Depend on unhinted Roboto font
    
    Closes: #922950

commit 8a6353b9a42f7c6bb4f55f42507971aeb34d7a1c
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sat Feb 23 15:09:08 2019 +0100

    Build without OpenSSL

commit 9f2f4d04bb0b335ae7bf816d05730060e32bce63
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sat Feb 23 15:06:58 2019 +0100

    Refresh patches

commit c56e9dacfa33e743dedb8d719b317e7da5983838
Merge: a72d3ac1 22e028de
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sat Feb 23 14:59:45 2019 +0100

    Update upstream source from tag 'upstream/18.1+dfsg1'
    
    Update to upstream version '18.1+dfsg1'
    with Debian dir c72e50faf6b713edfb8045c02348fb6a18cb883a

commit 22e028de965c89cf9a76b0089063cafb6a14e20d
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sat Feb 23 14:58:44 2019 +0100

    New upstream version 18.1+dfsg1

commit a72d3ac171b66051e4716e55eb50faf335028518
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sat Feb 23 11:49:55 2019 +0100

    Switch hashing implementation from OpenSSL to Libgcrypt

commit a943d8c3b7900cfa4fcabdff7c795f24f16cea43
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Feb 17 14:43:48 2019 +0100

    Update which files are shipped by which package

commit b65c1a227191e1f006d239d501677991b7e7870c
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Feb 17 13:24:39 2019 +0100

    Ignore failing tests for now

commit d317f4f6cc5d50f14d4c012b2ef155d1ac5a1879
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Feb 17 13:54:21 2019 +0100

    Install TexturePacker to /usr/bin/

commit 09be807a07b0739ac6be20ef18cac7f9818cd898
Author: Rechi <Rechi@users.noreply.github.com>
Date:   Fri Feb 15 18:32:34 2019 +0100

    fix test target build system dependency

commit 776ae5923021d195f3b6228a089b8afc71d99725
Author: Rechi <Rechi@users.noreply.github.com>
Date:   Fri Feb 15 18:32:34 2019 +0100

    fix depends syntax

commit b7121c90140936ef4db5477f116c279682bad130
Author: Rechi <Rechi@users.noreply.github.com>
Date:   Fri Feb 15 18:32:34 2019 +0100

    debian/rules: install kodi-x11 as last package
    
    last installed package defines the fallback windowing in bin/kodi

commit 6704e40420f00a30398b77688ad5439e570029c9
Author: Rechi <Rechi@users.noreply.github.com>
Date:   Fri Feb 15 18:32:34 2019 +0100

    fix libmicrohttpd linking

commit db45c2876a2af5d9e030b0be17f3715f436fbe14
Author: Rechi <Rechi@users.noreply.github.com>
Date:   Fri Feb 15 18:32:34 2019 +0100

    debian/rules: update dlopened libs
    
    libass, libbluray, libcec, libcurl and libnfs are no longer dlopend

commit eba69efc099bac308247da8491b3e7574a8f996d
Author: Rechi <Rechi@users.noreply.github.com>
Date:   Fri Feb 15 18:32:34 2019 +0100

    debian/rules: remove non existent cmake options
    
    - egl is a required dependency on linux so there is no ENABLE_EGL switch
    - x11 isn't an optional dependecy for gbm so there is no ENABLE_X11 switch
    - vdpau is only an optional dependency for x11, so ENABLE_VDPAU switch exists only for x11

commit 5f320cb3a2f7957413de8244db7de48b2ad5a04f
Author: Rechi <Rechi@users.noreply.github.com>
Date:   Fri Feb 15 18:32:34 2019 +0100

    debian/rules: remove unused DEB vars

commit 5d82c73d42ee1b081b99a97b11868dcb1dd95ac3
Author: Rechi <Rechi@users.noreply.github.com>
Date:   Fri Feb 15 18:32:34 2019 +0100

    add new Build-depends

commit a4da08db40e8bf8268549cf1f16e00c0d5e308b9
Author: Rechi <Rechi@users.noreply.github.com>
Date:   Fri Feb 15 18:32:34 2019 +0100

    drop unused Build-depends

commit 6ceb1de6481496d46bec79d6d71370854baea3c9
Author: Rechi <Rechi@users.noreply.github.com>
Date:   Fri Feb 15 18:32:34 2019 +0100

    debian/copyright: update Files-Excluded
    
    - libUPnP was updated
    - UnrarXLib was split into an addon
    - Visual Studio files were removed
    - windows platform specific code location changed

commit 46e1f7ac4367999f2c8c5f846b5ba97cc1358b04
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Feb 11 16:50:22 2019 +0700

    debian/rules: Run tests for each build dir

commit f20b0015c16d764ec8787e2bee0f51093fcb8979
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Feb 11 00:59:13 2019 +0700

    debian/rules: Add Wayland and GBM conditions to override_dh_auto_configure

commit 26f5d495c8d84a7b1149c9ccc211dcbbef45c819
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Feb 11 14:08:20 2019 +0700

    Drop 06-use-external-libraries.patch obsoleted by building internal libdvdnav

commit b3bffb55ebe660c607c004ed034ffc2e437721dd
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Feb 11 00:30:56 2019 +0700

    Let upstream's build system build the embedded libdvdnav and libread libraries

commit f7daaea0495cb31390f9c27d8e6ade98b8f1ca55
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Feb 10 23:38:00 2019 +0700

    debian/rules: Refactor building Debianized artifacts

commit c398cc83b25f0df0113f9d04487a3f81c0c71e1c
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Feb 10 23:26:25 2019 +0700

    debian/rules: Pass -lphtread to linker by default

commit bf051b91bccea8f50361c2dee2199ca1e6c6edba
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Feb 10 23:19:44 2019 +0700

    debian/rules: Extend override_dh_clean

commit 5a2be28ae92aa3b144b9ae01e95f0c1b880a395a
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Feb 10 14:23:12 2019 +0700

    Disable Wayland builds until waylandpp becomes available in the archive

commit 1e04883867ed454ff76bfd0812f95d9937c806be
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Feb 10 13:43:08 2019 +0700

    debian/rules: Rewrite to use cmake and build separate
    
    Thanks: Wolfgang Schupp

commit 3459c63719c5d66ddd883277edd62424d10ca6a2
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Feb 10 12:53:42 2019 +0700

    Ship separate packages for X11, Wayland and GBM

commit c03be390c1b914be37b4e2e040ca70fd0df115b7
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Feb 10 12:28:07 2019 +0700

    Refresh build dependencies based on upstream's packaging

commit d24e4fff65c9fbb197bf2fcbd009ad632a7e38d7
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Feb 10 11:50:40 2019 +0700

    debian/gitlab-ci.yml: Add Salsa CI configuration

commit 8735c7771070f3b1771d9ee172e47a9312516256
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Feb 10 11:32:26 2019 +0700

    debian/control: Tidy up using cme fix

commit b879e326d052bb6836c3850501ca07f4a579ea1f
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Jan 28 21:13:39 2019 +0700

    debian/copyright_hints: Update hints with new files

commit cd725fe215a16fece37412d545fabc1564865e7a
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Jan 28 16:36:14 2019 +0700

    Drop upstream's MSVC-specific patches

commit 65abc0ca04489aa11202b1260d490ec839976e10
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Jan 28 16:33:21 2019 +0700

    Add upstream patches

commit 0228f7b5010e2677dcb78995cb4344d12930746d
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Jan 28 16:02:58 2019 +0700

    Drop obsolete patches

commit ff53da32b3351034b9b5e0aa96e969f6013646df
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Jan 28 15:43:06 2019 +0700

    Refresh libdvdread patches

commit 739f5db6166792f1d5b40710d4d3b64e8f160e21
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Jan 28 15:33:23 2019 +0700

    Fix libdvdread patch

commit c9968322249c37b386a5af4598e17c8877f03b88
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Jan 28 15:22:38 2019 +0700

    Refresh patches

commit 71d0540b36342be95c66d094c4910becd200c28a
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Jan 27 21:19:54 2019 +0700

    Update changelog

commit 1b42154d9de71ae6bbff9f66d32163acd6bbb224
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Thu Aug 2 14:31:10 2018 +0800

    Update extra libdvdnav and libdvdread original tarballs to 6.0.0

commit 18d06d645cabefcd57ee67d3e814ba72c12b33c4
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Wed Aug 1 03:00:45 2018 +0800

    Refresh Debian's libdvdread patches

commit 12cadd68b5124dc5bd926f21f46ce9548f479d49
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Wed Aug 1 02:47:57 2018 +0800

    Refresh upstream's dvdnav and dvdread patches

commit f48897392878d869635fd5f1ee2f9ece76165828
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Tue Jul 31 17:02:59 2018 +0800

    Refresh patches

commit 133dc3c3f9358abe50516ecfd221cd6b7d3e609d
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Tue Jul 31 17:02:09 2018 +0800

    Drop obsoleted patches

commit c184d287f810dd086de83a3ab8ea32f4645320c9
Merge: c08f0054 8db01c7f
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Jan 28 21:44:48 2019 +0700

    Update upstream source from tag 'upstream/18.0_rc5.2+dfsg1'
    
    Update to upstream version '18.0~rc5.2+dfsg1'
    with Debian dir b26a16a54931a0826d1c50b1e5171d3b4e087682

commit 8db01c7f98a63b3965061919c6f86d7de8662454
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Jan 28 21:44:14 2019 +0700

    New upstream version 18.0~rc5.2+dfsg1

commit c08f0054d076ebd54257d585e3d3c57260d933c0
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Jan 28 21:28:14 2019 +0700

    Repack original source using xz

commit d42f7d64ddaebc2904d69ce693b7096a77dba854
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Jan 28 21:12:18 2019 +0700

    Exclude gradle-wrapper.jar from the source package

commit 28b21e831a97f4fbe2d4ae0b13bed51b164357b8
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Nov 25 21:05:17 2018 +0100

    debian/tests/gui: Wait for kodi to start, not just a fixed 5 seconds

commit d7725652be5c8ba08725c00e902b590de1ad424f
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sun Nov 25 21:05:17 2018 +0100

    debian/tests/gui: Wait a bit more for kodi to start
    
    and always print kodi's log.

Created: 2018-11-24 Last update: 2020-01-21 15:44

lintian reports 10 warnings normal

Lintian reports 10 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2019-08-26 Last update: 2019-08-26 03:33

Multiarch hinter reports 2 issue(s) low

There are issues with the multiarch metadata for this package.

kodi-eventclients-kodi-send could be marked Multi-Arch: foreign
kodi-repository-kodi could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2020-01-23 06:38

2 ignored security issues in buster low

There are 2 open security issues in buster.

2 issues skipped by the security teams:

CVE-2018-8831: A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist.
CVE-2017-5982: Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e (encoded dot dot slash) in the image path, as demonstrated by image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd.

Please fix them.

Created: 2018-11-22 Last update: 2020-01-17 14:04

2 ignored security issues in stretch low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2018-8831: A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist.
CVE-2017-5982: Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e (encoded dot dot slash) in the image path, as demonstrated by image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd.

Please fix them.

Created: 2016-12-04 Last update: 2020-01-17 14:04

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2018-11-18 Last update: 2018-11-18 09:16

news

[rss feed]

[2018-11-23] kodi 2:17.6+dfsg1-4 MIGRATED to testing (Debian testing watch)
[2018-11-20] Accepted kodi 2:17.6+dfsg1-4 (source) into unstable (Balint Reczey)
[2018-11-17] Accepted kodi 2:17.6+dfsg1-3 (source) into unstable (Balint Reczey)
[2018-08-20] kodi REMOVED from testing (Debian testing watch)
[2018-08-20] kodi REMOVED from testing (Debian testing watch)
[2018-05-04] kodi 2:17.6+dfsg1-2 MIGRATED to testing (Debian testing watch)
[2018-04-28] Accepted kodi 2:17.6+dfsg1-2 (source) into unstable (Balint Reczey)
[2017-12-31] kodi 2:17.6+dfsg1-1 MIGRATED to testing (Debian testing watch)
[2017-12-26] Accepted kodi 2:17.6+dfsg1-1 (source) into unstable (Balint Reczey)
[2017-10-11] Accepted kodi 2:17.3+dfsg1-5 (source) into unstable (Jonas Smedegaard)
[2017-10-10] Accepted kodi 2:17.3+dfsg1-4 (source) into unstable (Jonas Smedegaard)
[2017-10-05] Accepted kodi 2:17.3+dfsg1-3 (source amd64 all) into unstable, unstable (Jonas Smedegaard)
[2017-09-05] kodi REMOVED from testing (Debian testing watch)
[2017-07-04] kodi 2:17.3+dfsg1-2 MIGRATED to testing (Debian testing watch)
[2017-06-29] Accepted kodi 2:17.3+dfsg1-2 (source) into unstable (Balint Reczey)
[2017-06-06] Accepted kodi 16.1+dfsg1-2~bpo8+2 (source amd64 all) into jessie-backports->backports-policy, jessie-backports (Balint Reczey)
[2017-05-29] kodi 2:17.1+dfsg1-3 MIGRATED to testing (Debian testing watch)
[2017-05-27] Accepted kodi 2:17.3+dfsg1-1 (source) into experimental (Balint Reczey)
[2017-05-27] Accepted kodi 2:17.1+dfsg1-3 (source) into unstable (Balint Reczey)
[2017-04-19] kodi 2:17.1+dfsg1-2 MIGRATED to testing (Debian testing watch)
[2017-04-13] Accepted kodi 2:17.1+dfsg1-2 (source) into unstable (Balint Reczey)
[2017-04-02] Accepted kodi 2:17.1+dfsg1-1 (source) into experimental (Balint Reczey)
[2017-03-05] Accepted kodi 2:17.1~rc1+dfsg1-1 (source) into experimental (Balint Reczey)
[2017-02-28] kodi 2:17.0+dfsg1-3 MIGRATED to testing (Debian testing watch)
[2017-02-22] Accepted kodi 2:17.0+dfsg1-3 (source) into unstable (Balint Reczey)
[2017-02-20] kodi 2:17.0+dfsg1-2 MIGRATED to testing (Debian testing watch)
[2017-02-09] Accepted kodi 2:17.0+dfsg1-2 (source) into unstable (Balint Reczey)
[2017-02-06] Accepted kodi 2:17.0+dfsg1-1 (source) into experimental (Balint Reczey)
[2017-02-05] kodi 2:17.0~rc3+dfsg1-2 MIGRATED to testing (Debian testing watch)
[2017-02-05] Accepted kodi 2:17.0~rc4+dfsg1-1 (source) into experimental (Balint Reczey)

bugs [bug history graph]

all: 43
RC: 0
I&N: 27
M&W: 15
F&P: 1
patch: 1

links

homepage
lintian (0, 10)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2:17.6+dfsg1-4ubuntu10
26 bugs (1 patch)
patches for 2:17.6+dfsg1-4ubuntu10