WARNING!! URGENT UPDATE REQUIRED TO KODI 17.3 KRYPTON - SECURITY FIXES

[Jai Dee]

Please all update your kodi versions on all devices as it fixes a security flaw that has recently been discovered that has allowed hackers to infect devices with trojans using subtitles downloaded in media players.

 

Fixes done in this release:

 

Fixed missing binary add-ons on release time

Fixed crash on older distros like Ubuntu 14.04 with GCC 4.8 compiler

From previous v17.2 release:

Fix selection after channelgroup switching in PVR guide window

Fix handling of gaps that caused eradic behaviour in EPG grid

Allow backing out of fullscreen pictures by mapping longpress guesture

Quick fix for wake up command not being called in PVR power management

Use alternative method to check if platform updates have been installed on Windows

Set the minimum version in the code which is currently OSX 10.8

Fix possible security flaw which could abused .zip files which try to traverse to a parent directory

Use the correct ttc font from the video file for subtitles on Windows

Detect and delete zero-byte database files which causes crashes

 

Security

You may have read in the news that malicious subtitle zip files could potentially infect and harm your media player including Kodi. When Check Point researchers uncovered this flaw they contacted us up front to let us know about this flaw. Our developers fixed this security gap and have added the fix to this v17.2 release. As such we highly encourage all users to install this latest version! Any previous Kodi version will not get any security patch. We have began the roll out of this version and Android Play Store as well as Windows Store have this update pending and will roll out as soon as possible. Please be patient if you are using these store versions. Our official download page of course has the regular install files available for the supported platforms.

 

To be clear this possible vulnerability is only present when you first enable a subtitle download add-on and then actually download zipped subtitles. Any subtitles that you already have as text file, are embedded in the video stream or are included with your DVD or Blurays are safe.

 

Source: Kodi.tv

 

Official download page here.

[Jai Dee]

 

[SooKee]

"Allow backing out of fullscreen pictures by mapping longpress gesture"

 

Interesting, missed this.  Does this kill / stop the fullscreen playback or just allow you to back out of it to the home secreen by a long press?  Several times I've backed out then had to go back in to hit STOP so I can go back and do what I want (e.g. switch streams).  Sometimes I've just switched streams with the other one running, never been sure if that's a good idea though and worried it might cause a crash.

[Jai Dee]

I've never tried it myself, but there has been a long-press keymap available in Kodi since version 16 I think. 

 

What this meant was that you can long-press a button on your remote control to open extra content, such as context menus with additional information about an item.

 

It also made it particularly useful when running Kodi on a three-finger touchpad mapping for Apple's iOS mobile operating system.

 

There is more information on the subject in the Kodi wiki - see here.

[JHolmesJr]

28 minutes ago, SooKee said:

"Allow backing out of fullscreen pictures by mapping longpress gesture"

 

Interesting, missed this.  Does this kill / stop the fullscreen playback or just allow you to back out of it to the home secreen by a long press?  Several times I've backed out then had to go back in to hit STOP so I can go back and do what I want (e.g. switch streams).  Sometimes I've just switched streams with the other one running, never been sure if that's a good idea though and worried it might cause a crash.

 

Don't even know what they mean by this.

 

There is a really annoying bug in Kodi if you're using the Minix A2 Lite Airmouse…..where you'd be a few layers into an add-on and press the back button…..only to be taken right back out of the add-on….not just one layer back. I fixed that by following this tutorial. It's in the Minix forum but works for all boxes, even Shield.

 

The second post is the first step to be taken. Instal the program add-on called keycap editor….then follow instructions in the first post below. It fixed by back button problems good.

 

 

Edited May 29, 2017 by JHolmesJr

[Jai Dee]

There are some useful keymaps you can try also available on github... a very useful Kodi resource.

 

See here.

[SooKee]

I'll have to look into the long press and how it might be of benefit (if any) when using Kodi on a box with Air Mouse.

 

[mention=49103]JHolmesJr[/mention] yeah I have remapped the back key function when I first started using Kodi with the A3. You're right, it was really infuriating to press the back key only to be taken back to the home screen! The other thing that bugged me with the Air Mouse until I got fully familiar with it was how many times the back button wouldn't work in regular apps. Took me a while to realise that in many, if not all, cases, you need to press the fly mode (pointer) button again to disable it before the back button would work again.

 

 

 

 

Posted using Tapatalk

 

 

[Jai Dee]

Just something to remember if you are going to play around with keymaps...  keymap files are applied by Kodi in reverse alphabetical order so if you name your new file z_remote.xml it will take precedent over any other existing keymaps.

[SooKee]

One thing I have noticed is that the 17.2 and 17.3 updates seem to keep breaking the bloody TrakT sync in Exodus.  The account is still there, the long press on an episode / movie still brings up the Trak contextual menu but the syncing doesn't work, neither does the pop-up box for the rating after watching.  Have to keep resetting the TraktT authorisation under Exodus / Accounts to kick the sync into working again.  It also knackered up after the FX resolver update after 17.3.  PITFA!!!  Hopefully were done with bloody updates for a while!!  

 

Sometimes after not working I find TrakT is a PITA to get sync working again.  Even a reset doesn't do it.  Trick that works for me then is to use a long press and bring up the contextual menu on any episode and mark it 'Watched (or Unwatched) in TrakT'.  That seems to give it the KUTA it needs!

Edited May 29, 2017 by SooKee