jengelh/yt-dlp
SHA256
1
0
Fork 0
forked from pool/yt-dlp
Code Pull Requests Activity

Add openSUSE bugzilla reference for CVE-2024-38519

Browse Source
This commit is contained in:
Jan Engelhardt 2024-07-02 19:54:26 +02:00
parent 153d9706b4
commit 81825454db
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
yt-dlp.changes
View File

@ -2,11 +2,9 @@
Tue Jul 2 10:30:24 UTC 2024 - Michael Vetter <mvetter@suse.com>
- Update to release 2024.07.01:
* Security: [CVE-2024-38519] Properly sanitize file-extension
to prevent file system modification and RCE
Unsafe extensions are now blocked from being downloaded
* For details see:
https://github.com/yt-dlp/yt-dlp/releases/tag/2024.07.01
* Properly sanitize file-extension to prevent file system
modification and RCE. Unsafe extensions are now blocked from
being downloaded. [CVE-2024-38519 boo#1227305]
-------------------------------------------------------------------
Tue May 28 06:39:46 UTC 2024 - Jan Engelhardt <jengelh@inai.de>