Simon Sawicki de015e9307 [core] Prevent RCE when using --exec with %q (CVE-2023-40581) ... The shell escape function is now using `""` instead of `\"`. `utils.Popen` has been patched to properly quote commands. Prior to this fix using `--exec` together with `%q` when on Windows could cause remote code to execute. See https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-42h4-v29r-42qg for reference. Authored by: Grub4K		2023-09-24 02:29:01 +02:00
..
__pyinstaller	[build] Make sure deprecated modules are added	2023-07-15 16:47:55 +05:30
compat	[core] Prevent RCE when using --exec with %q (CVE-2023-40581)	2023-09-24 02:29:01 +02:00
dependencies	[dependencies] Handle deprecation of sqlite3.version (#8167)	2023-09-21 15:58:53 +00:00
downloader	[cleanup] Misc fixes	2023-07-22 09:09:52 +05:30
extractor	[ie/nfl.com:plus:replay] Fix extractor (#7838)	2023-09-23 23:47:14 +00:00
networking	[cleanup] Misc (#8182)	2023-09-23 20:00:31 +00:00
postprocessor	[core] Prevent RCE when using --exec with %q (CVE-2023-40581)	2023-09-24 02:29:01 +02:00
utils	[core] Prevent RCE when using --exec with %q (CVE-2023-40581)	2023-09-24 02:29:01 +02:00
__init__.py	[compat, networking] Deprecate old functions (#2861)	2023-07-15 16:18:35 +05:30
__main__.py
aes.py
cache.py
casefold.py	Update to ytdl-commit-07af47	2023-06-21 09:21:23 +05:30
cookies.py	[cookies] Containers JSON should be opened as utf-8 (#7800)	2023-08-12 21:30:23 +00:00
jsinterp.py	Update to ytdl-commit-07af47	2023-06-21 09:21:23 +05:30
minicurses.py
options.py	Improve --download-sections	2023-06-22 13:03:07 +05:30
plugins.py
socks.py	[networking] Fix various socks proxy bugs (#8065)	2023-09-18 07:33:26 +00:00
update.py	[core] Raise minimum recommended Python version to 3.8 (#8183)	2023-09-24 02:24:47 +02:00
version.py	Release 2023.07.06	2023-07-06 18:57:59 +00:00
webvtt.py
YoutubeDL.py	[core] Raise minimum recommended Python version to 3.8 (#8183)	2023-09-24 02:24:47 +02:00