Download
| Alert*
oval:org.secpod.oval:def:53246
A regression was detected in the previously issued fix for CVE-2018-6360. The patch released with DSA 4105-1 broke the feature of invoking mpv with raw YouTube ids. This update fixes this functionality issue. For reference, the relevant part of the original advisory text follows. It was discovered t ... oval:org.secpod.oval:def:603264 A regression was detected in the previously issued fix for CVE-2018-6360. The patch released with DSA 4105-1 broke the feature of invoking mpv with raw YouTube ids. This update fixes this functionality issue. For reference, the relevant part of the original advisory text follows. It was discovered t ... oval:org.secpod.oval:def:603261 It was discovered that mpv, a media player, was vulnerable to remote code execution attacks. An attacker could craft a malicious web page that, when used as an argument in mpv, could execute arbitrary code in the host of the mpv user. oval:org.secpod.oval:def:53243 It was discovered that mpv, a media player, was vulnerable to remote code execution attacks. An attacker could craft a malicious web page that, when used as an argument in mpv, could execute arbitrary code in the host of the mpv user. |