Package: mpv Version: 0.32.0-2+b1 Severity: grave Tags: security Justification: user security hole X-Debbugs-Cc: Debian Security Team <team@security.debian.org> Dear Maintainer, Version 0.33.1 was released on Mon, 5 Apr 2021. Apparently this fixes a security problem (CVE-2021-30145) that affects every version since 2002. A description of the problem can be found at: https://github.com/mpv-player/mpv/commit/cb3fa04bcb2ba9e0d25788480359157208c13e0b The release can be found at: https://github.com/mpv-player/mpv/releases Thanks, Wessel Dankers -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-5-amd64 (SMP w/4 CPU threads) Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages mpv depends on: ii libarchive13 3.4.3-2+b1 ii libasound2 1.2.4-1.1 ii libass9 1:0.15.0-1 ii libavcodec58 7:4.3.2-0+deb11u1 ii libavdevice58 7:4.3.2-0+deb11u1 ii libavfilter7 7:4.3.2-0+deb11u1 ii libavformat58 7:4.3.2-0+deb11u1 ii libavutil56 7:4.3.2-0+deb11u1 ii libbluray2 1:1.2.1-4 ii libc6 2.31-11 ii libcaca0 0.99.beta19-2.2 ii libcdio-cdda2 10.2+2.0.0-1+b2 ii libcdio-paranoia2 10.2+2.0.0-1+b2 ii libcdio19 2.1.0-2 ii libdrm2 2.4.104-1 ii libdvdnav4 6.1.0-1+b1 ii libegl1 1.3.2-1 ii libgbm1 20.3.4-1 ii libgl1 1.3.2-1 ii libjack-jackd2-0 [libjack-0.125] 1.9.17~dfsg-1 ii libjpeg62-turbo 1:2.0.6-4 ii liblcms2-2 2.12~rc1-2 ii liblua5.2-0 5.2.4-1.1+b3 ii libpulse0 14.2-2 ii librubberband2 1.9.0-1 ii libsdl2-2.0-0 2.0.14+dfsg2-3 ii libsmbclient 2:4.13.5+dfsg-1 ii libsndio7.0 1.5.0-3 ii libswresample3 7:4.3.2-0+deb11u1 ii libswscale5 7:4.3.2-0+deb11u1 ii libuchardet0 0.0.7-1 ii libva-drm2 2.10.0-1 ii libva-wayland2 2.10.0-1 ii libva-x11-2 2.10.0-1 ii libva2 2.10.0-1 ii libvdpau1 1.4-3 ii libwayland-client0 1.18.0-2~exp1.1 ii libwayland-cursor0 1.18.0-2~exp1.1 ii libwayland-egl1 1.18.0-2~exp1.1 ii libx11-6 2:1.7.0-2 ii libxext6 2:1.3.3-1.1 ii libxinerama1 2:1.1.4-2 ii libxkbcommon0 1.0.3-2 ii libxrandr2 2:1.5.1-1 ii libxss1 1:1.2.3-1 ii libxv1 2:1.0.11-1 ii zlib1g 1:1.2.11.dfsg-2 Versions of packages mpv recommends: pn xdg-utils <none> pn youtube-dl <none> mpv suggests no packages. -- no debconf information
Attachment:
signature.asc
Description: PGP signature