Source: kodi
Version: 2:20.0+dfsg-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/xbmc/xbmc/issues/22377
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>

Hi,

The following vulnerability was published for kodi.

CVE-2023-23082[0]:
| A heap buffer overflow vulnerability in Kodi Home Theater Software up
| to 19.5 allows attackers to cause a denial of service due to an
| improper length of the value passed to the offset argument.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-23082
    https://www.cve.org/CVERecord?id=CVE-2023-23082
[1] https://github.com/xbmc/xbmc/issues/22377
[2] https://github.com/xbmc/xbmc/commit/00fec1dbdd1df827872c7b55ad93059636dfc076
[3] https://github.com/xbmc/xbmc/commit/7e5f9fbf9aaa3540aab35e7504036855b23dcf60

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore