Commits
Mahyar Koshkouei committed 2ec6b8b31e1
mpv: security bump to 0.27.2 Fixes CVE-2018-6360: mpv through 0.28.0 allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements, and accepts arbitrary URLs in a src attribute without a protocol whitelist. [Peter: Add CVE description] Signed-off-by: Mahyar Koshkouei <mahyar.koshkouei@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>