Your message dated Sat, 27 May 2017 01:33:50 +0000 with message-id <e1deqc2-0005ko...@fasolo.debian.org> and subject line Bug#863230: fixed in kodi 2:17.1+dfsg1-3 has caused the Debian Bug report #863230, regarding kodi: CVE-2017-8314: malicious subtitle zip files vulnerability to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 863230: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863230 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: kodi severity: important Dear Maintainer, Kodi 17.2 have an important fix for the malicious subtitles vulnerability that has the potential to compromise your machine. It is important to update to this version as soon as possible. http://blog.checkpoint.com/2017/05/23/hacked-in-translation/ Kind regards, Jonatan
--- End Message ---
--- Begin Message ---Source: kodi Source-Version: 2:17.1+dfsg1-3 We believe that the bug you reported is fixed in the latest version of kodi, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 863...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Balint Reczey <rbal...@ubuntu.com> (supplier of updated kodi package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 27 May 2017 00:50:34 +0200 Source: kodi Binary: kodi kodi-data kodi-bin kodi-eventclients-common kodi-eventclients-dev kodi-eventclients-wiiremote kodi-eventclients-ps3 kodi-eventclients-kodi-send kodi-addons-dev xbmc xbmc-bin xbmc-eventclients-common xbmc-eventclients-dev xbmc-eventclients-wiiremote xbmc-eventclients-ps3 xbmc-eventclients-xbmc-send xbmc-addons-dev Architecture: source Version: 2:17.1+dfsg1-3 Distribution: unstable Urgency: medium Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintain...@lists.alioth.debian.org> Changed-By: Balint Reczey <rbal...@ubuntu.com> Description: kodi - Open Source Home Theatre (executable binaries) kodi-addons-dev - Open Source Home Theatre (Addons Dev package) kodi-bin - Open Source Home Theatre (architecture-dependent files) kodi-data - Open Source Home Theatre (arch-independent data package) kodi-eventclients-common - Open Source Home Theatre (Event Client Common package) kodi-eventclients-dev - Open Source Home Theatre (Event Client Dev package) kodi-eventclients-kodi-send - Open Source Home Theatre (Event Client Kodi-SEND package) kodi-eventclients-ps3 - Open Source Home Theatre (Event Client PS3 package) kodi-eventclients-wiiremote - Open Source Home Theatre (Event Client WII Remote support package xbmc - transitional dummy package xbmc-addons-dev - transitional dummy package xbmc-bin - transitional dummy package xbmc-eventclients-common - transitional dummy package xbmc-eventclients-dev - transitional dummy package xbmc-eventclients-ps3 - transitional dummy package xbmc-eventclients-wiiremote - transitional dummy package xbmc-eventclients-xbmc-send - transitional dummy package Closes: 863230 Changes: kodi (2:17.1+dfsg1-3) unstable; urgency=medium . * Fix zip file directory traversal vulnerability (CVE-2017-8314) (Closes: #863230) Checksums-Sha1: 7d1466ded4492133d5579e17133c5d8389498825 5644 kodi_17.1+dfsg1-3.dsc e6e3e8c59af0b51918ee6130b6ba28703df63aa7 39352 kodi_17.1+dfsg1-3.debian.tar.xz Checksums-Sha256: 17cdad848ca5be42ecdba690a66e426f943d563d37475fc2a866499b40e2548b 5644 kodi_17.1+dfsg1-3.dsc f142ac43faa808d990cc003586898a20358e48b2ca5d171c67e3d665a9acf069 39352 kodi_17.1+dfsg1-3.debian.tar.xz Files: 93d1b1097e6cc77d79d5813d7c9336fc 5644 video optional kodi_17.1+dfsg1-3.dsc 5ee5638ea360e2f81e3c0ea0a9e94dab 39352 video optional kodi_17.1+dfsg1-3.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJZKNLIAAoJEPZk0la0aRp9EREP/jBKKnd7XFFL4MRt78f5DsVV 1ux1nxBuDbf9iSV9nJkvN4Jp5RgteT+xMm4RZAeQWYS8t+JNeJ6nU4Iccoyeb3HA b6/31rXby/6rkaAls+hj/DTgFchEHer/MT967t3hNXMRoBCN6MUuofxeptd7Bq0u BwW6tLmph6nykMn7kX7im45OW46CFIQloKvEOEXYC3UNpQzLenlSl1IXKUdcCkOI YgyY5WyfKNEKhxMxsmh9SWJMVZX17LNLgM9RD6IeUvA4Bm9p9V/TVp2FOn/pXNz8 jmPqy2+iirMsKo+Wwo1mb6npYKoHF6H1bzEfH8qVClVh4PCISa/N/Oh8ATm+k/Bw mgYos+qHO9nmyhyn4+WJwe3GzUEvg4MT9ZaXyMFBZINjY59dQfGaG3f9/dnDl2b/ nvB9E8NbGuYACUvDe/Gn9cQy1/7I5KqkmODzprvjQsiQo8gGnxU3Vaq/hNdmqgSt mDj+FdZVAZbVe5uMLSjzRE/IFHoBuuoHTjBL+/CPZf/L4zJPlUy+/pUz0rtCOISS VmisOGV++2CDmGVzPAPfl5y49ktLxFdLmVBNb0ea2LQwGQ4itrTaxgeEdPllUYfX VBdx4kPLzWnoi3fwt6CKdL6hOb5wwGdI5UgtdbwAov1q5/Mv5KU/CN64HtpZTMyz dVItyC5oDXFGxsx6eOzD =8D0K -----END PGP SIGNATURE-----
--- End Message ---
