Bug#855225: kodi: CVE-2017-5982: Unrestricted file download
Bálint Réczey
balint at balintreczey.hu
Wed Feb 15 20:43:22 UTC 2017
Control: tags -1 confirmed
Control: found -1 15.1+dfsg1-1
2017-02-15 19:03 GMT+01:00 Salvatore Bonaccorso <carnil at debian.org>:
> Source: kodi
> Severity: important
> Tags: upstream security
> Forwarded: http://trac.kodi.tv/ticket/17314
>
> Hi,
>
> the following vulnerability was published for kodi. I did not had the
> time to verify if 17.0 is affected. Could you please check and add
> according found versions to this bug please or otherwise close after
> checking?
Done.
Cheers,
Balint
>
> CVE-2017-5982[0]:
> local file inclusion
>
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
>
> For further information see:
>
> [0] https://security-tracker.debian.org/tracker/CVE-2017-5982
>
> Please adjust the affected versions in the BTS as needed.
>
> Regards,
> Salvatore
More information about the pkg-multimedia-maintainers
mailing list