[Git][security-tracker-team/security-tracker][master] Reserve DLA-4423-1 for kodi

Sun Dec 28 18:21:12 GMT 2025


Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ac1c77d0 by Abhijith PA at 2025-12-28T23:50:47+05:30
Reserve DLA-4423-1 for kodi

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -261633,7 +261633,6 @@ CVE-2023-30208
 CVE-2023-30207 (A divide by zero issue discovered in Kodi Home Theater Software 19.5 a ...)
 	{DLA-3712-1}
 	- kodi 2:20.0~rc2+dfsg-2 (bug #1040593)
-	[bullseye] - kodi <no-dsa> (Minor issue)
 	NOTE: https://github.com/xbmc/xbmc/issues/22378
 	NOTE: https://github.com/xbmc/xbmc/commit/dbc00c500f4c4830049cc040a61c439c580eea73
 	NOTE: https://github.com/xbmc/xbmc/pull/22391
@@ -283450,7 +283449,6 @@ CVE-2023-23083
 CVE-2023-23082 (A heap buffer overflow vulnerability in Kodi Home Theater Software up  ...)
 	{DLA-3712-1}
 	- kodi 2:20.0+dfsg-2 (bug #1031048)
-	[bullseye] - kodi <no-dsa> (Minor issue)
 	NOTE: https://github.com/xbmc/xbmc/issues/22377
 	NOTE: https://github.com/xbmc/xbmc/commit/00fec1dbdd1df827872c7b55ad93059636dfc076
 	NOTE: https://github.com/xbmc/xbmc/commit/7e5f9fbf9aaa3540aab35e7504036855b23dcf60


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[28 Dec 2025] DLA-4423-1 kodi - security update
+	{CVE-2023-23082 CVE-2023-30207}
+	[bullseye] - kodi 2:19.1+dfsg2-2+deb11u2
 [27 Dec 2025] DLA-4422-1 pgbouncer - security update
 	{CVE-2025-12819}
 	[bullseye] - pgbouncer 1.15.0-1+deb11u2


=====================================
data/dla-needed.txt
=====================================
@@ -186,10 +186,6 @@ knot-resolver (Utkarsh)
   NOTE: 20251223: update prepared @ https://salsa.debian.org/lts-team/packages/knot-resolver/-/tree/debian/bullseye?ref_type=heads.
   NOTE: 20251223: but have reached out to Jakub and Santiago, as maintainers, for a review. (utkarsh)
 --
-kodi (abhijith)
-  NOTE: 20251206: Added by Front-Desk (rouca)
-  NOTE: 20251206: Closes remaining CVEs closed in buster and bookworm (rouca/front-desk)
---
 lemonldap-ng
   NOTE: 20250813: Added by Front-Desk (lamby)
   NOTE: 20250813: CVE-2024-52948 was marked as <postponed>, but fixed in bookworm. (lamby)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac1c77d0dd0d61db6246a1f2255bd4f972e2b48a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac1c77d0dd0d61db6246a1f2255bd4f972e2b48a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251228/31a75a23/attachment-0001.htm>
