Package: kodi Version: 2:17.1+dfsg1-2 Severity: important Dear Maintainer,
Please read this: https://www.tvaddons.ag/krypton-security- flaw/?utm_campaign=twitter&utm_medium=twitter&utm_source=twitter TLDR; An attacker could gain control of any Kodi device through the use of malicious code placed within subtitles. Hypothetically, if an infected subtitle file were to be downloaded by Kodi, it could give a hacker full control over your device. This is particularly concerning when it comes to automatically downloaded subtitles. Kind Regards Brent Clark -- System Information: Debian Release: 9.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores) Locale: LANG=en_ZA.utf8, LC_CTYPE=en_ZA.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages kodi depends on: ii init-system-helpers 1.48 ii kodi-bin 2:17.1+dfsg1-2 ii kodi-data 2:17.1+dfsg1-2 Versions of packages kodi recommends: ii kodi-visualization-spectrum 1.1.1-1 kodi suggests no packages. -- no debconf information
