Advisories ยป MGASA-2020-0203

Updated vlc packages fix security vulnerabilities

Publication date: 08 May 2020
Modification date: 08 May 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-19721 , CVE-2020-6071 , CVE-2020-6072 , CVE-2020-6073 , CVE-2020-6077 , CVE-2020-6078 , CVE-2020-6079 , CVE-2020-6080

Description

Multiple security issues were discovered in the microdns plugin of the
VLC media player, which could result in denial of service or potentially
the execution of arbitrary code via malicious mDNS packets (CVE-2020-6071,
CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079,
CVE-2020-6080).

VLC has been updated to 3.0.10 to fix theese and other issues.
                

References

SRPMS

7/tainted

7/core