Advisories ยป MGASA-2018-0400

Updated vlc packages fix security vulnerability

Publication date: 19 Oct 2018
Modification date: 17 Feb 2022
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-11529

Description

This update provides vlc 3.0.4 and fixes at least the following security
issue:

A use-after-free was discovered in the MP4 demuxer of the VLC media player,
which could result in the execution of arbitrary code if a malformed media
file is played (CVE-2018-11529)

For other fixes in this update, see the referenced NEWS.
                

References

SRPMS

6/tainted

6/core