mirror of
https://github.com/yt-dlp/yt-dlp.git
synced 2024-12-28 01:41:06 +00:00
de015e9307
The shell escape function is now using `""` instead of `\"`. `utils.Popen` has been patched to properly quote commands. Prior to this fix using `--exec` together with `%q` when on Windows could cause remote code to execute. See https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-42h4-v29r-42qg for reference. Authored by: Grub4K |
||
---|---|---|
.. | ||
urllib | ||
__init__.py | ||
_deprecated.py | ||
_legacy.py | ||
compat_utils.py | ||
functools.py | ||
imghdr.py | ||
shutil.py | ||
types.py |