Debian Package Tracker

general

source: kodi (main)
version: 2:18.7+dfsg1-1
maintainer: Debian Multimedia Maintainers (archive) (DMD)
uploaders: Jonas Smedegaard [DMD]
arch: all any
std-ver: 3.9.8
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 2:17.1+dfsg1-3
stable: 2:17.6+dfsg1-4
unstable: 2:18.7+dfsg1-1

versioned links

2:17.1+dfsg1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:17.6+dfsg1-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:18.7+dfsg1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

kodi (34 bugs: 0, 23, 11, 0)
kodi-addons-dev
kodi-bin (1 bugs: 0, 1, 0, 0)
kodi-data (1 bugs: 0, 1, 0, 0)
kodi-eventclients-common
kodi-eventclients-dev
kodi-eventclients-kodi-send
kodi-eventclients-ps3
kodi-eventclients-wiiremote
kodi-gbm
kodi-repository-kodi
kodi-wayland
kodi-x11

action needed

A new upstream version is available: 18.7.1 high

A new upstream version 18.7.1 is available, you should consider packaging it.

Created: 2020-06-03 Last update: 2020-06-04 20:30

Multiarch hinter reports 6 issue(s) high

There are issues with the multiarch metadata for this package.

kodi-addons-dev conflicts on /usr/share/kodi/cmake/KodiConfig.cmake on any two of amd64, arm64, armel, armhf, and 2 more
kodi-eventclients-kodi-send could be marked Multi-Arch: foreign
kodi-repository-kodi could be marked Multi-Arch: foreign
kodi-gbm could be marked Multi-Arch: same
kodi-wayland could be marked Multi-Arch: same
kodi-x11 could be marked Multi-Arch: same

Created: 2016-09-14 Last update: 2020-06-04 15:37

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.0 instead of 3.9.8).

Created: 2017-06-29 Last update: 2020-05-27 00:21

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2018-8831: A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist.
CVE-2017-5982: Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e (encoded dot dot slash) in the image path, as demonstrated by image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd.

Please fix them.

Created: 2015-07-13 Last update: 2020-05-27 00:15

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 2-day delay is over. Check why.

Created: 2020-05-29 Last update: 2020-06-04 19:35

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2020-02-26 Last update: 2020-06-04 19:32

Depends on packages which need a new maintainer normal

The packages that kodi depends on which need a new maintainer are:

cwiid (#810992)
- Build-Depends: libcwiid-dev
- Depends: libcwiid1
enca (#953094)
- Build-Depends: libenca-dev
fstrcmp (#765334)
- Build-Depends: libfstrcmp-dev
- Depends: libfstrcmp0 libfstrcmp0 libfstrcmp0

Created: 2019-11-22 Last update: 2020-06-04 17:32

4 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 00580dafe32f2063dd63fbb3e764e232478b75f4
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Tue Jun 2 21:04:48 2020 +0200

    debian/README.source: Gbp now exports components properly

commit c4e23ad07dd6a1f17ea0fdd9887a112928b0423f
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Tue Jun 2 16:26:21 2020 +0200

    debian/gbp.conf: Set components

commit b19a6017d2ba13ede7ddfc7cd35e53c56b5577f1
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Tue Jun 2 15:54:54 2020 +0200

    debian/README.source: Clarify that dvdread and dvdnav are patched for Kodi

commit a94664834dfbda1b01912a248b24a36d70571ad2
Author: Adrian Bunk <bunk@debian.org>
Date:   Sat May 30 21:52:11 2020 +0200

    Don't enable SSE in i386 builds
    
    Closes: #961856

Created: 2020-05-30 Last update: 2020-06-02 21:05

AppStream hints: 1 warning normal

AppStream found metadata issues for packages:

kodi: 1 warning

You should get rid of them to provide more metadata about this software.

Created: 2020-06-01 Last update: 2020-06-01 01:13

lintian reports 15 warnings normal

Lintian reports 15 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-05-21 Last update: 2020-05-21 00:04

2 ignored security issues in buster low

There are 2 open security issues in buster.

2 issues skipped by the security teams:

CVE-2018-8831: A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist.
CVE-2017-5982: Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e (encoded dot dot slash) in the image path, as demonstrated by image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd.

Please fix them.

Created: 2018-11-22 Last update: 2020-05-27 00:15

2 ignored security issues in stretch low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2018-8831: A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist.
CVE-2017-5982: Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e (encoded dot dot slash) in the image path, as demonstrated by image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd.

Please fix them.

Created: 2016-12-04 Last update: 2020-05-27 00:15

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2018-11-18 Last update: 2020-03-22 02:31

Issues found with some translations low

Automatic checks made by the Debian l10n team found some issues with the translations contained in this package. You should check the l10n status report for more information.

Issues can be things such as missing translations, problematic translated strings, outdated PO files, unknown languages, etc.

Created: 2020-02-26 Last update: 2020-02-26 10:49

testing migrations

excuses:
- Migrates after: pillow-python2
- Migration status for kodi (- to 2:18.7+dfsg1-1): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- Updating kodi introduces new bugs: #936805, #961856
- Depends: kodi pillow-python2
- Additional info:
- Piuparts tested OK - https://piuparts.debian.org/sid/source/k/kodi.html
- Required age reduced by 3 days because of autopkgtest
- 9 days old (needed 2 days)
- Not considered

news

[rss feed]

[2020-05-26] Accepted kodi 2:18.7+dfsg1-1 (source) into unstable (Balint Reczey)
[2020-05-10] kodi REMOVED from testing (Debian testing watch)
[2020-04-03] Accepted kodi 2:18.6+dfsg1-2 (source) into unstable (Balint Reczey)
[2020-04-01] kodi 2:18.6+dfsg1-1 MIGRATED to testing (Debian testing watch)
[2020-03-21] Accepted kodi 2:18.6+dfsg1-1 (source) into unstable (Balint Reczey)
[2020-03-19] Accepted kodi 2:18.6+dfsg1-1~exp1 (source) into experimental (Balint Reczey)
[2020-03-18] Accepted kodi 2:18.6+dfsg1-1~exp0 (source) into experimental (Balint Reczey)
[2020-01-24] Accepted kodi 2:18.5+dfsg1-1~exp0 (source amd64 all) into experimental, experimental (Balint Reczey)
[2018-11-23] kodi 2:17.6+dfsg1-4 MIGRATED to testing (Debian testing watch)
[2018-11-20] Accepted kodi 2:17.6+dfsg1-4 (source) into unstable (Balint Reczey)
[2018-11-17] Accepted kodi 2:17.6+dfsg1-3 (source) into unstable (Balint Reczey)
[2018-08-20] kodi REMOVED from testing (Debian testing watch)
[2018-08-20] kodi REMOVED from testing (Debian testing watch)
[2018-05-04] kodi 2:17.6+dfsg1-2 MIGRATED to testing (Debian testing watch)
[2018-04-28] Accepted kodi 2:17.6+dfsg1-2 (source) into unstable (Balint Reczey)
[2017-12-31] kodi 2:17.6+dfsg1-1 MIGRATED to testing (Debian testing watch)
[2017-12-26] Accepted kodi 2:17.6+dfsg1-1 (source) into unstable (Balint Reczey)
[2017-10-11] Accepted kodi 2:17.3+dfsg1-5 (source) into unstable (Jonas Smedegaard)
[2017-10-10] Accepted kodi 2:17.3+dfsg1-4 (source) into unstable (Jonas Smedegaard)
[2017-10-05] Accepted kodi 2:17.3+dfsg1-3 (source amd64 all) into unstable, unstable (Jonas Smedegaard)
[2017-09-05] kodi REMOVED from testing (Debian testing watch)
[2017-07-04] kodi 2:17.3+dfsg1-2 MIGRATED to testing (Debian testing watch)
[2017-06-29] Accepted kodi 2:17.3+dfsg1-2 (source) into unstable (Balint Reczey)
[2017-06-06] Accepted kodi 16.1+dfsg1-2~bpo8+2 (source amd64 all) into jessie-backports->backports-policy, jessie-backports (Balint Reczey)
[2017-05-29] kodi 2:17.1+dfsg1-3 MIGRATED to testing (Debian testing watch)
[2017-05-27] Accepted kodi 2:17.3+dfsg1-1 (source) into experimental (Balint Reczey)
[2017-05-27] Accepted kodi 2:17.1+dfsg1-3 (source) into unstable (Balint Reczey)
[2017-04-19] kodi 2:17.1+dfsg1-2 MIGRATED to testing (Debian testing watch)
[2017-04-13] Accepted kodi 2:17.1+dfsg1-2 (source) into unstable (Balint Reczey)
[2017-04-02] Accepted kodi 2:17.1+dfsg1-1 (source) into experimental (Balint Reczey)

bugs [bug history graph]

all: 45
RC: 1
I&N: 28
M&W: 15
F&P: 1
patch: 1

links

homepage
lintian (0, 15)
buildd: logs, checks, clang, cross
popcon
browse source code
edit tags
security tracker
screenshots
l10n (-, 98)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2:18.7+dfsg1-1ubuntu1
27 bugs (1 patch)
patches for 2:18.7+dfsg1-1ubuntu1