Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

openSUSE Leap 15.6: yt-dlp Fixes for CVE-2024-38519 Remote Exec

opensuse
Calendar Grey September 18, 2025
Dist Opensuse Esm H88
A new patch has been released for openSUSE that resolves a security vulnerability in yt-dlp, classified as moderate and affecting the handling of files.
An update that solves one vulnerability and has one errata is now available

Description

This update for yt-dlp fixes the following issues:

- Update to release 2025.08.22

* cookies: Fix --cookies-from-browser with Firefox 142+

- Update to release 2025.08.20

* Warn against use of `-f mp4`

* yt: Add es5 and es6 player JS variants

* yt: Default to main player JS variant

* yt: Extract title and description from initial data

* yt: Handle required preroll waiting period

- Update to release 2025.08.11

* yt: Add player params to mweb client

* dash: Re-extract if using --load-info-json with

--live-from-start

- Update to release 2025.07.21

* Default behaviour changed from --mtime to --no-mtime

* yt: Do not require PO Token for premium accounts

* yt: Extract global nsig helper functions

* yt: tab: Fix subscriptions feed extraction

- Update to release 2025.06.30

* youtube: Fix premium formats extraction

- Update to release 2025.06.25

* yt: Check any ios m3u8 formats prior to...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate security issue remote execution OpenSUSE yt-dlp

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.6:

zypper in -t patch openSUSE-2025-364=1

Package List

- openSUSE Leap 15.6 (noarch):

python312-yt-dlp-2025.08.22-lp156.2.3.1

yt-dlp-2025.08.22-lp156.2.3.1

yt-dlp-youtube-dl-2025.08.22-lp156.2.3.1

References

https://www.suse.com/security/cve/CVE-2024-38519.html

https://bugzilla.suse.com/1227305

https://bugzilla.suse.com/1242186

Announcement ID: openSUSE-SU-2025:0364-1
Rating: moderate
Affected Products: openSUSE Leap 15.6 ble.

Topics%20covered

Topics Covered

security advisory moderate security issue remote execution OpenSUSE yt-dlp

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here