VideoLAN, the group behind probably the most widespread media gamers VLC Media Player, launched VLC Media Player 3.0.8 right now.
VLC Media Player 3.0.8 is a security update that patches a whole of 13 totally different security points within the shopper. The update is not associated to a not too long ago disclosed vulnerability that a too keen researcher attributed to VLC Media Player. It turned out that VLC was not weak however that the researcher ran an older model of Ubuntu.
The update is not picked up but by the participant’s automated update perform nor is it listed on the official VideoLAN web site. It is out there on the official Download VideoLAN download site for all supported working methods, nonetheless.
You might obtain the brand new launch and set up it over the outdated. Whether you’ll do this instantly or look ahead to the official launch notification by VideoLAN is as much as you. Cautious customers might need to look ahead to the official announcement to obtain the brand new model both from the VideoLAN website or by utilizing the appliance’s built-in updater.
The new model of VLC patches the next points in earlier variations of the shopper software.
- Fix a buffer overflow within the MKV demuxer (CVE-2019-14970)
- Fix a learn buffer overflow within the avcodec decoder (CVE-2019-13962)
- Fix a learn buffer overflow within the FAAD decoder
- Fix a learn buffer overflow within the OGG demuxer (CVE-2019-14437, CVE-2019-14438)
- Fix a learn buffer overflow within the ASF demuxer (CVE-2019-14776)
- Fix a use after free within the MKV demuxer (CVE-2019-14777, CVE-2019-14778)
- Fix a use after free within the ASF demuxer (CVE-2019-14533)
- Fix a couple of integer underflows within the MP4 demuxer (CVE-2019-13602)
- Fix a null dereference within the dvdnav demuxer
- Fix a null dereference within the ASF demuxer (CVE-2019-14534)
- Fix a null dereference within the AVI demuxer
- Fix a division by zero within the CAF demuxer (CVE-2019-14498)
- Fix a division by zero within the ASF demuxer (CVE-2019-14535)
You might lookup the vulnerabilities with CVE IDs, e.g. on https://cve.mitre.org/. Note that the problems will not be out there to the general public on the time of writing.
VLC Media Player 3.0.8 is a security update at the start. The update makes different a handful of different non-security associated adjustments as properly:
- Core: Fix stuttering for low framerate movies
- Demux: Fix glitches in TS over HLS
- Demux: Add actual probing of HLS streams
- Demux: Fix HLS MIME kind fallback
- Misc: Update Youtube script
- Audio Output: Fix stuttering or clean audio when beginning or in search of when utilizing
exterior audio units (bluetooth for instance)
- Audio Output: Fix AV synchronization when utilizing exterior audio units on Mac OS.
- Stream Output: Fix transcoding when the decoder doesn’t set the chroma
Work on VLC Media Player 4.0 continues in the meantime as properly.
Now You: When you do set up security updates to your functions? (by way of Deskmodder)