Updated mpv packages fix security vulnerability
Publication date: 22 Feb 2018Modification date: 10 Jun 2020
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-6360
Description
Josef Gajdusek reported that mpv 0.27.0 was vulnerable to an attack through it's youtube-dl hook. This could cause remote code execution. This upstream update creates of list of sure protocols to use through the hook.
References
SRPMS
6/core
- mpv-0.27.2-1.mga6