Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 516
Alerts This Week
Warning Icon 1 516

Debian: DSA-4504-1 urgent: VLC Security Update to Prevent Code Execution

debian
Calendar Grey August 20, 2019
Debian Logo
The VLC media player has rolled out significant patches that target security vulnerabilities and enhance overall performance reliability. Users are advised to upgrade.
Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed

Summary

Multiple security issues were discovered in the VLC media player, which
could result in the execution of arbitrary code or denial of service if
a malformed file/stream is processed.

For the oldstable distribution (stretch), these problems have been fixed
in version 3.0.8-0+deb9u1.

For the stable distribution (buster), these problems have been fixed in
version 3.0.8-0+deb10u1.

We recommend that you upgrade your vlc packages.

For the detailed security status of vlc please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/vlc

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/



Severity
critical
Lowest
Low
Medium
High
Critical

Package: vlc
CVE ID: CVE-2019-13602 CVE-2019-13962 CVE-2019-14437 CVE-2019-14438

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.