[bug#30378] [PATCH] gnu: mpv: Fix CVE-2018-6360.

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#30378] [PATCH] gnu: mpv: Fix CVE-2018-6360.

From:	Leo Famulari
Subject:	[bug#30378] [PATCH] gnu: mpv: Fix CVE-2018-6360.
Date:	Thu, 8 Feb 2018 14:16:06 -0500
User-agent:	Mutt/1.9.2 (2017-12-15)

On Thu, Feb 08, 2018 at 01:53:52PM +0800, Alex Vong wrote:
> Leo Famulari <address@hidden> writes:
> > I noticed that the person who fixed the bug upstream said that 4 commits
> > were needed [0], but this patch (and Debian's and Nix's) are missing the
> > first in that person's list, 828bd2963cd10.
> >
> > I'm going to ask upstream to clarify but, in the meantime, do you know
> > why this patch is not included?
> >
> I have no idea about this. I think we should wait for the author to tell
> us what they think. Here is a new patch with the 4 commits:

Upstream clarified that the "missing" commit is not actually necessary
here:

"Yeah, nevermind. Being able to use the native dash demuxer is not
necessary for the security fixes."

https://github.com/mpv-player/mpv/issues/5456#issuecomment-364087205

So I'm going to test and push your original patch shortly.

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#30378] [PATCH] gnu: mpv: Fix CVE-2018-6360., Alex Vong, 2018/02/07
- [bug#30378] [PATCH] gnu: mpv: Fix CVE-2018-6360., Alex Vong, 2018/02/07
- [bug#30378] [PATCH] gnu: mpv: Fix CVE-2018-6360., Leo Famulari, 2018/02/07
  - [bug#30378] [PATCH] gnu: mpv: Fix CVE-2018-6360., Alex Vong, 2018/02/08
    - [bug#30378] [PATCH] gnu: mpv: Fix CVE-2018-6360., Leo Famulari <=
- bug#30378: [PATCH] gnu: mpv: Fix CVE-2018-6360., Leo Famulari, 2018/02/08

Prev by Date: [bug#30386] [PATCH v2 cuirass] database: Prevent SQL injection.
Next by Date: bug#30378: [PATCH] gnu: mpv: Fix CVE-2018-6360.
Previous by thread: [bug#30378] [PATCH] gnu: mpv: Fix CVE-2018-6360.
Next by thread: bug#30378: [PATCH] gnu: mpv: Fix CVE-2018-6360.
Index(es):
- Date
- Thread