projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 52cec04) | patch
mpv: security bump to 0.27.2
authorMahyar Koshkouei <mahyar.koshkouei@gmail.com>
Mon, 26 Feb 2018 15:41:12 +0000 (15:41 +0000)
committerPeter Korsgaard <peter@korsgaard.com>
Tue, 27 Feb 2018 20:05:00 +0000 (21:05 +0100)
commit2ec6b8b31e1930df4f10c65ec11cce0cca018e96
treee4f76f9c78ea6dd7b91adbc2660fe68cc412a48btree
parent52cec04a6cf7a9bc1e5d9d0479580cd4b086ce31commit | diff
mpv: security bump to 0.27.2

Fixes CVE-2018-6360: mpv through 0.28.0 allows remote attackers to execute
arbitrary code via a crafted web site, because it reads HTML documents
containing VIDEO elements, and accepts arbitrary URLs in a src attribute
without a protocol whitelist.

[Peter: Add CVE description]
Signed-off-by: Mahyar Koshkouei <mahyar.koshkouei@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/mpv/mpv.hash diff | blob | history
package/mpv/mpv.mk diff | blob | history