Linux Today: Linux News On Internet Time.

Updated VLC Fixes Security Problems

Jun 19, 2007, 20:15 (0 Talkback[s])
(Other stories by Shirl Kennedy)

"Users of VideoLAN's VLC cross-platform media player are strongly advised to upgrade to the just-released version 0.8.6c, which fixes 'a security vulnerability in the CDDA, Vorbis, Theora and SAP plugins.'

"In a security advisory about this issue--originally reported by David Thiel of iSEC Partners--VideoLAN explained that 'Ogg/Vorbis, Ogg/Theora, CDDA (CD Digital Audio) and SAP (Service Announce Protocol) plugins are prone to a C-style format string vulnerability when trying to parse a media data stream...'"

Complete Story

Related Stories: