svn commit: r461331 - head/security/vuxml
Jan Beich
jbeich at FreeBSD.org
Sun Feb 11 08:49:10 UTC 2018
"Carlos J. Puga Medina" <cpm at FreeBSD.org> writes:
> Author: cpm
> Date: Fri Feb 9 20:03:06 2018
> New Revision: 461331
> URL: https://svnweb.freebsd.org/changeset/ports/461331
>
> Log:
> Document vulnerability in Mpv
>
> PR: 225783
> Submitted by: Vladimir Krstulja <vlad-fbsd at acheronmedia.com>
> Obtained from: https://nvd.nist.gov/vuln/detail/CVE-2018-6360
> Security: CVE-2018-6360
>
> Modified:
> head/security/vuxml/vuln.xml
>
> Modified: head/security/vuxml/vuln.xml
> ==============================================================================
> --- head/security/vuxml/vuln.xml Fri Feb 9 19:54:06 2018 (r461330)
> +++ head/security/vuxml/vuln.xml Fri Feb 9 20:03:06 2018 (r461331)
> @@ -58,6 +58,39 @@ Notes:
> * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
> -->
> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
> + <vuln vid="3ee6e521-0d32-11e8-99b0-d017c2987f9a">
> + <topic>mpv -- arbitrary code execution via crafted website</topic>
> + <affects>
> + <package>
> + <name>mpv</name>
> + <range><le>0.28.0</le></range>
CVE-2018-6360 was also fixed in 0.27.1, see
https://github.com/mpv-player/mpv/issues/5507
https://github.com/mpv-player/mpv/releases/tag/v0.27.1
More information about the svn-ports-head
mailing list