Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -7 articles for you...
202
security advisorymedia player fiximportant updateopenSUSE 15 SP4: 2022:10255-1 Important: VLC Media Player Update
An update that solves one vulnerability and has one errata is now available. . openSUSE Security Update: Security update for vlc ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:10255-1 Rating: important References: #1200944 #1206142 Cross-References: CVE-2022-41325 CVSS scores: CVE-2022-41325 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP4 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for vlc fixes the following issues: - Update to version 3.0.18 (CVE-2022-41325, boo#1206142): + macOS: Fix audio device listing with non-latin names. + Misc: Fix rendering and performance issue with older GPUs. + Updated translations. - Changes from version 3.0.18-rc2: + Codec/Demux: - Add support for Y16 chroma. - Fix build of gme plugin. + Lua: - Fix script for vocaroo. - Fix script for youtube to allow throttled playback. + Service Discovery: Fix UPnP regression on Windows. + Video Output: Fix video placement with caopengllayer. + Misc: Fix password search in kwallet module. - Changes from version 3.0.18-rc: + Demux: - Major adaptive streaming update, notably for multiple timelies and webvtt. - Fix seeking with some fragmented MP4 files. - Add support for DVBSub inside MKV. - Fix some Flac files that could not be played. - Improve seeking in Ogg files. + Decoders: - Fix DxVA/D3D11 crashes on HEVC files with bogus references. - Fix libass storage size and crash. - Fix decoding errors on macOS hw decoding on some HEVC files. + Video Output: - Fix color regression with VAAPI/iOS and OpenGL output. - Fix some resizing issues with OpenGL on GLX/EGL/X11/XV. -Fix Direct3d9 texture stretching. - Fix 10-bit accelerated video filters on macOS. + Playlist: Avoid playlist liveloop on failed/tiny items (temporize EOS bursts). + Misc: - Misc fixes for the extension UI on macOS. - Improve SMBv1 and SMBv2 behaviours. - Improve FTP compatibility. - Support RISC-V. - Fix AVI muxing for Windows Media Player compatibility. - Fix seeking speed on macOS. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP4: zypper in -t patch openSUSE-2022-10255=1 Package List: - openSUSE Backports SLE-15-SP4 (aarch64 ppc64le x86_64): libvlc5-3.0.18-bp154.2.3.1 libvlccore9-3.0.18-bp154.2.3.1 vlc-3.0.18-bp154.2.3.1 vlc-codec-gstreamer-3.0.18-bp154.2.3.1 vlc-devel-3.0.18-bp154.2.3.1 vlc-jack-3.0.18-bp154.2.3.1 vlc-noX-3.0.18-bp154.2.3.1 vlc-opencv-3.0.18-bp154.2.3.1 vlc-qt-3.0.18-bp154.2.3.1 vlc-vdpau-3.0.18-bp154.2.3.1 - openSUSE Backports SLE-15-SP4 (noarch): vlc-lang-3.0.18-bp154.2.3.1 References: https://www.suse.com/security/cve/CVE-2022-41325.html https://bugzilla.suse.com/1200944 https://bugzilla.suse.com/1206142 . The latest openSUSE update addresses vulnerabilities in the VLC media player, providing improved efficiency and better integration.. openSUSE Security Update, VLC Patch, Multimedia Player Fix. . Severity: Important. LinuxSecurity.com Team
Dec 31, 2022
•Important
OpenSUSE
98
security advisoryRed Hat Enterprise Linuxcritical security impactRed Hat: 2005:788-01 Critical: HelixPlayer Format String Issue
An updated HelixPlayer package that fixes a string format issue is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team.. - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: HelixPlayer security update Advisory ID: RHSA-2005:788-01 Advisory URL: https://access.redhat.com/errata/RHSA-2005:788.html Issue date: 2005-09-27 Updated on: 2005-09-27 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-2710 - ---------------------------------------------------------------------1. Summary: An updated HelixPlayer package that fixes a string format issue is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ppc, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, x86_64 Red Hat Enterprise Linux WS version 4 - i386, x86_64 3. Problem description: HelixPlayer is a media player. A format string bug was discovered in the way HelixPlayer processes RealPix (.rp) files. It is possible for a malformed RealPix file to execute arbitrary code as the user running HelixPlayer. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2710 to this issue. All users of HelixPlayer are advised to upgrade to this updated package, which contains HelixPlayer version 10.0.6 and is not vulnerable to this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in theappropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 168078 - CAN-2005-2710 HelixPlayer Format String Flaw 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: 77bcadb90099c21c579ad8f51d4c7292 HelixPlayer-1.0.6-0.EL4.1.src.rpm i386: 40ff8c8ac5f9acc8019db7bd91a1f819 HelixPlayer-1.0.6-0.EL4.1.i386.rpm ppc: 1604bc8fa9eb7d6ef1733d3b047b8cc9 HelixPlayer-1.0.6-0.EL4.1.ppc.rpm x86_64: 40ff8c8ac5f9acc8019db7bd91a1f819 HelixPlayer-1.0.6-0.EL4.1.i386.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: 77bcadb90099c21c579ad8f51d4c7292 HelixPlayer-1.0.6-0.EL4.1.src.rpm i386: 40ff8c8ac5f9acc8019db7bd91a1f819 HelixPlayer-1.0.6-0.EL4.1.i386.rpm x86_64: 40ff8c8ac5f9acc8019db7bd91a1f819 HelixPlayer-1.0.6-0.EL4.1.i386.rpm Red Hat Enterprise Linux ES version 4: SRPMS: 77bcadb90099c21c579ad8f51d4c7292 HelixPlayer-1.0.6-0.EL4.1.src.rpm i386: 40ff8c8ac5f9acc8019db7bd91a1f819 HelixPlayer-1.0.6-0.EL4.1.i386.rpm x86_64: 40ff8c8ac5f9acc8019db7bd91a1f819 HelixPlayer-1.0.6-0.EL4.1.i386.rpm Red Hat Enterprise Linux WS version 4: SRPMS: 77bcadb90099c21c579ad8f51d4c7292 HelixPlayer-1.0.6-0.EL4.1.src.rpm i386: 40ff8c8ac5f9acc8019db7bd91a1f819 HelixPlayer-1.0.6-0.EL4.1.i386.rpm x86_64: 40ff8c8ac5f9acc8019db7bd91a1f819 HelixPlayer-1.0.6-0.EL4.1.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CAN-2005-2710 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2005 Red Hat, Inc. . Ubuntu has released an important patch for VLC Media Player that resolves a buffer overflow vulnerability, aimed at blocking unauthorized code execution.. HelixPlayer Update, Red Hat Security Advisory, Linux Media Player Fix. . Severity:Critical. LinuxSecurity.com Team
Sep 27, 2005
•Critical
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!