NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

mpv: security bump to 0.27.2

Browse Source 
Fixes CVE-2018-6360: mpv through 0.28.0 allows remote attackers to execute
arbitrary code via a crafted web site, because it reads HTML documents
containing VIDEO elements, and accepts arbitrary URLs in a src attribute
without a protocol whitelist.

[Peter: Add CVE description]
Signed-off-by: Mahyar Koshkouei <mahyar.koshkouei@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Mahyar Koshkouei 2018-02-26 15:41:12 +00:00 committed by Peter Korsgaard
parent 52cec04a6c
commit 2ec6b8b31e
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/mpv/mpv.hash
View File

@ -1,2 +1,2 @@
# Locally calculated # Locally calculated
sha256 341d8bf18b75c1f78d5b681480b5b7f5c8b87d97a0d4f53a5648ede9c219a49c v0.27.0.tar.gz sha256 2ad104d83fd3b2b9457716615acad57e479fd1537b8fc5e37bfe9065359b50be v0.27.2.tar.gz

2
package/mpv/mpv.mk
View File

@ -4,7 +4,7 @@
# #
################################################################################ ################################################################################
MPV_VERSION = 0.27.0 MPV_VERSION = 0.27.2
MPV_SITE = https://github.com/mpv-player/mpv/archive MPV_SITE = https://github.com/mpv-player/mpv/archive
MPV_SOURCE = v$(MPV_VERSION).tar.gz MPV_SOURCE = v$(MPV_VERSION).tar.gz
MPV_DEPENDENCIES = \ MPV_DEPENDENCIES = \