CVE-2023-37920

Advisory

Sv-dlp 2023.11.12 updates its dependency 'certifi' to v2023.7.22 to include a security fix.

Affected package

Affected versions

Fixed versions

Vulnerability changelog

Changelog
Added
- **[GOOGLE]** Added URL-Protobuf Generation Code for improved functionality.
- **[GOOGLE]** Support for new Short URLs.
- **[BUILD | DOCS]** Added Logo
- **[DEV]** Test & Dry Build Workflow for more efficient development.
Changed
- **[CLI]** sv-dlp can now be executed instead of `python -m sv_dlp` when installed with pip
- **[DEV]** UnitTest Workflows to ensure code reliability.
- **[DEV]** Package Versions updated for better performance and security.
- **[DEV]** Icon & Bin now included in Build Pipelines for a more comprehensive build process.
- **[DEV]** Renamed `dev_scripts` to `utils` for clearer naminng conventions
Fixed
- **[NAVER]** Fixed an issue where Naver was mistakenly referred to as Navae
- **[BAIDU]** Removed Unexpected Print Statement
Updated
- **[DOCS]** Added Logo Images to enhance documentation visuals.
- **[DOCS]** Updated Names for consistency and clarity.
Security
- **[BUILD]** Updated libraries to patch certain vulnerabilities
- `certifi [2023.7.22]`: Python Charmers Future denial of service vulnerability
- `requests [2.31.0]`: Potential Proxy-Authorization Header Leak via HTTPS
- `certifi [2023.7.22]`: Potential Proxy-Authorization Header Leak via HTTPS
Known Bugs
- **[BAIDU]** Final metadata coordinates inaccurate - [36](https://github.com/shmugoh/sv-dlp/issues/36)
- **[APPLE]** Input coordinate not accurate to output - [25](https://github.com/shmugoh/sv-dlp/issues/25)
- **[GOOGLE]** Zoom 5 Stiching Tiles Borked [8](https://github.com/shmugoh/sv-dlp/issues/8)
---

Resources

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37920