jengelh/yt-dlp
SHA256
1
0
Fork 0
forked from pool/yt-dlp
Code Pull Requests Activity

Add openSUSE bugzilla reference for CVE-2024-38519

Browse Source
This commit is contained in:
Jan Engelhardt 2024-07-02 19:54:26 +02:00
parent 153d9706b4
commit 81825454db
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
yt-dlp.changes
View File

@ -2,11 +2,9 @@
Tue Jul 2 10:30:24 UTC 2024 - Michael Vetter <mvetter@suse.com> Tue Jul 2 10:30:24 UTC 2024 - Michael Vetter <mvetter@suse.com>
- Update to release 2024.07.01: - Update to release 2024.07.01:
* Security: [CVE-2024-38519] Properly sanitize file-extension * Properly sanitize file-extension to prevent file system
to prevent file system modification and RCE modification and RCE. Unsafe extensions are now blocked from
Unsafe extensions are now blocked from being downloaded being downloaded. [CVE-2024-38519 boo#1227305]
* For details see:
https://github.com/yt-dlp/yt-dlp/releases/tag/2024.07.01
------------------------------------------------------------------- -------------------------------------------------------------------
Tue May 28 06:39:46 UTC 2024 - Jan Engelhardt <jengelh@inai.de> Tue May 28 06:39:46 UTC 2024 - Jan Engelhardt <jengelh@inai.de>