Earlier, you might have read on Fossbytes that a recently discovered attack vector could be used to compromise a system with the help of subtitle files. It’s a known thing that Kodi has a user base of around 10 million unique people per month. So, leaving the vulnerability on its own couldn’t be an option. The development team was working on a fix since last month which has now been included in Kodi 17.2 release.
Here are the fixes and security patches included in Kodi 17.2 release:
- Fixed selection after channelgroup switching in PVR guide window.
- Fixed handling of gaps that caused erratic behavior in EPG grid.
- Allow backing out of fullscreen pictures by mapping longpress guesture.
- Quick fix for the wakeup command not being called in PVR power management.
- Use an alternative method to check if platform updates have been installed on Windows.
- Set the minimum version in the code which is currently OSX 10.8.
- Fixed possible security flaw which could abuse .zip files which try to traverse to a parent directory.
- Use the correct ttc font from the video file for subtitles on Windows.
- Detect and delete zero-byte database files which cause crashes.
Furthermore, XBMC’s Martijn Kaijser has mentioned in an update that due to packaging issues in Kodi 17.2 release, it lacks some add-ons including PVR, Inputstream, and visualization. These add-ons will be added in the next release which is expected to come out soon.
Download Kodi 17.2 Krypton
You can manually download Kodi 17.2 release for Windows, MacOS, Linux, Android, iOS, etc. from the official Kodi website using this link.
However, Windows Store version still features Kodi v17.1 but the team will be updating it soon. For Android users, the updated app is now available on Google Play Store.
If you have something to add, drop your thoughts and feedback.