Diffstat (limited to 'gnu/packages/patches/mpv-CVE-2018-6360-3.patch')
-rw-r--r-- | gnu/packages/patches/mpv-CVE-2018-6360-3.patch | 84 |
1 files changed, 0 insertions, 84 deletions
diff --git a/gnu/packages/patches/mpv-CVE-2018-6360-3.patch b/gnu/packages/patches/mpv-CVE-2018-6360-3.patch
deleted file mode 100644
index dc3e272d37..0000000000
--- a/gnu/packages/patches/mpv-CVE-2018-6360-3.patch
+++ /dev/null
@@ -1,84 +0,0 @@ -Fix CVE-2018-6360: - -https://github.com/mpv-player/mpv/issues/5456 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6360 -https://security-tracker.debian.org/tracker/CVE-2018-6360 - -Patch copied from upstream source repository: - -https://github.com/mpv-player/mpv/commit/ce42a965330dfeb7d2f6c69ea42d35454105c828 - -From ce42a965330dfeb7d2f6c69ea42d35454105c828 Mon Sep 17 00:00:00 2001 -From: Ricardo Constantino <wiiaboo@gmail.com> -Date: Fri, 26 Jan 2018 18:54:17 +0000 -Subject: [PATCH] ytdl_hook: fix safe url checking with EDL urls - ---- - player/lua/ytdl_hook.lua | 22 +++++++++++----------- - 1 file changed, 11 insertions(+), 11 deletions(-) - -diff --git a/player/lua/ytdl_hook.lua b/player/lua/ytdl_hook.lua -index 458c94af38..6c8e78657d 100644 ---- a/player/lua/ytdl_hook.lua -+++ b/player/lua/ytdl_hook.lua -@@ -264,18 +264,17 @@ local function add_single_video(json) - edl_track = edl_track_joined(track.fragments, - track.protocol, json.is_live, - track.fragment_base_url) -- local url = edl_track or track.url -- if not url_is_safe(url) then -+ if not edl_track and not url_is_safe(track.url) then - return - end - if track.acodec and track.acodec ~= "none" then - -- audio track - mp.commandv("audio-add", -- url, "auto", -+ edl_track or track.url, "auto", - track.format_note or "") - elseif track.vcodec and track.vcodec ~= "none" then - -- video track -- streamurl = url -+ streamurl = edl_track or track.url - end - end - -@@ -284,6 +283,9 @@ local function add_single_video(json) - edl_track = edl_track_joined(json.fragments, json.protocol, - json.is_live, json.fragment_base_url) - -+ if not edl_track and not url_is_safe(json.url) then -+ return -+ end - -- normal video or single track - streamurl = edl_track or json.url - set_http_headers(json.http_headers) -@@ -294,13 +296,7 @@ local function add_single_video(json) - - msg.debug("streamurl: " .. 
streamurl) - -- streamurl = streamurl:gsub("^data:", "data://", 1) -- -- if not url_is_safe(streamurl) then -- return -- end -- -- mp.set_property("stream-open-filename", streamurl) -+ mp.set_property("stream-open-filename", streamurl:gsub("^data:", "data://", 1)) - - mp.set_property("file-local-options/force-media-title", json.title) - -@@ -499,6 +495,10 @@ mp.add_hook(o.try_ytdl_first and "on_load" or "on_load_fail", 10, function () - - msg.debug("EDL: " .. playlist) - -+ if not playlist then -+ return -+ end -+ - -- can't change the http headers for each entry, so use the 1st - if json.entries[1] then - set_http_headers(json.entries[1].http_headers) --- -2.16.1 - |