[SECURITY] [DLA 4423-1] kodi security update

Sun, 28 Dec 2025 10:25:00 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4423-1                [email protected]
https://www.debian.org/lts/security/                          Abhijith PA
December 28, 2025                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : kodi
Version        : 2:19.1+dfsg2-2+deb11u2
CVE ID         : CVE-2023-23082 CVE-2023-30207


Multiple vulnerabilities have been discovered in Kodi, a media-player 
and entertainment hub.

CVE-2023-23082

    A heap buffer overflow vulnerability in Kodi allows attackers to 
    cause a denial of service due to an improper length of the value 
    passed to the offset argument.

CVE-2023-30207

    A divide by zero issue discovered in Kodi allows attackers to 
    cause a denial of service via use of crafted mp3 file

For Debian 11 bullseye, these problems have been fixed in version
2:19.1+dfsg2-2+deb11u2.

We recommend that you upgrade your kodi packages.

For the detailed security status of kodi please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/kodi

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAmlRddoACgkQhj1N8u2c
KO/43w//Xojr9AIsdcItGlYLn19imueMufCKJEzPTrMcMJjoqvTQhzA3J9xwNadY
1l7KzQU86Ruc+3QbBuq1Lyy0oudECM3kRNzPukrFnc6jCd92779mxfnDRlRm5DKo
MEwFGD/qufT/CwDs7TYebUb0yHPQQrpV8lM1BbVMg9USmYI/QVrNK8067eCDN+sD
9+kYsV8kE+zz51BXG+Trqk6PG+IheVROesvmMIdg+4r749artV8aFoOEQ2h5XIAU
fFW4CuvL7a2nkBLkfMpkyaUGLXCvMwyKQuOVeDV5nObgFaiZ8pwHN70ZKmxsbNIO
A9RZdy2OO56cjZPFPNAZqA2ioXqpZpblX7aUEVT+cvyemTDIDAjP0+d+XdmckU7H
TS5imKdWwoWg19micNC20SM6DCuzH44K/vFMYTaIi57+haxhgOuASke2Nxvx1pp8
kLhUW+LJPIOjGL178NRImSlLZPwvMQWDvjx9uYersCxzvo/iNc+KSim2x3Pxct/0
iCuaDKqT/UV+uDdUetaPfD0Oj9GWKkMxvN7n0XRLrsMorxDFcxXYi/BiJFqjMH2W
vsd90BskV6vzNhLjz7c/wz98kFxBiUyG6j8WvWvbeN2jRuyRlNYcfXh7nw6gSpyo
mCdzBl8GJyLUNQpY4iFBNOTKCoNkdCJeAZQZjOwxein+NaQsA3c=
=JHVG
-----END PGP SIGNATURE-----

Reply via email to