Описание
Security update for mpv
This update for mpv fixes the following issues:
- CVE-2021-30145: Fixed format string vulnerability allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file (boo#1186230)
Список пакетов
openSUSE Leap 15.2
libmpv1-0.32.0+git.20200301T004003.e7bab0025f-lp152.2.6.1
mpv-0.32.0+git.20200301T004003.e7bab0025f-lp152.2.6.1
mpv-bash-completion-0.32.0+git.20200301T004003.e7bab0025f-lp152.2.6.1
mpv-devel-0.32.0+git.20200301T004003.e7bab0025f-lp152.2.6.1
mpv-zsh-completion-0.32.0+git.20200301T004003.e7bab0025f-lp152.2.6.1
Ссылки
- E-Mail link for openSUSE-SU-2021:0788-1
- SUSE Security Ratings
- SUSE Bug 1186230
- SUSE CVE CVE-2021-30145 page
Описание
A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file.
Затронутые продукты
openSUSE Leap 15.2:libmpv1-0.32.0+git.20200301T004003.e7bab0025f-lp152.2.6.1
openSUSE Leap 15.2:mpv-0.32.0+git.20200301T004003.e7bab0025f-lp152.2.6.1
openSUSE Leap 15.2:mpv-bash-completion-0.32.0+git.20200301T004003.e7bab0025f-lp152.2.6.1
openSUSE Leap 15.2:mpv-devel-0.32.0+git.20200301T004003.e7bab0025f-lp152.2.6.1
Ссылки
- CVE-2021-30145
- SUSE Bug 1186230