Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - VLC: needs upgrading too! InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

VLC: needs upgrading too!

Published: 2008-06-10
Last Updated: 2008-06-10 12:45:50 UTC
by Swa Frantzen (Version: 2)
1 comment(s)

One of those little things your users might manage to get installed for themselves is VLC.

Well they too have a new release that passed by all too quietly in the last few days. Barry reminded us about it.

So VLC Media Player 0.8.6h is the one you want to upgrade to, it fixes "security vulnerabilities in the Mozilla and ActiveX plugins, in the libpng, libid3tag, libvorbis libraries and in the Speex codec."

From their release notes:

0.8.6h:

0.8.6g (source release):

Make sure to be warned by the smallest vendor/software maker of who you use software or soon or later you'll miss one getting its patch before you discover it's been exploited.

--
Swa Frantzen -- Gorilla Secuity

Keywords: VLC
1 comment(s)
Diary Archives