Control: tags -1 + patch
Control: found -1 mpv/0.29.1-1
FYI, the patch below works for me.
Also, I think the version in stable is also affected. The code differs
slightly so the patch will need a little tweak.
Cheers.
--
>From 937749b545407aa68b1d15ea5e19a6c23d62da42 Mon Sep 17 00:00:00
Package: mpv
Version: 0.32.0-1
Severity: grave
Tags: security fixed-upstream
Justification: user security hole
Dear Maintainer,
If Lua scripts are enabled (they are by default) and configured for use
(Debian doesn't seem to have any active by default) mpv could end up
loading unintended code
2 matches
Mail list logo
