Why it issues: VLC is universally thought to be among the finest (if not one of the best) media gamers out there as we speak. A brand new model launched a few days in the past brings additional enhancements for this system’s compatibility, stability, safety and format assist.
VideoLAN, the non-profit group selling the facility of open supply to rock the multimedia world, has simply launched a brand new model of VLC media participant. VLC 3.0.18 is the nineteenth replace of the “Vetinari” codebase, and is a a lot wanted one for each informal customers and longtime followers of this system.
VLC media participant 3.0.18 provides assist for a couple of codecs, improves adaptive streaming assist, fixes some crashes and updates many third celebration libraries, VideoLAN stated. The new media participant fixes in search of for some media codecs, improves file compatibility with older GPUs, and cures choose SMB protocol behaviors.
Furthermore, the replace avoids a playlist dwell loop in case of solely very tiny or failed gadgets, solves “quite a few” crash-related bugs and provides assist for DVBSub inside MKV media recordsdata. The record of libraries and elements that had been up to date consists of FFmpeg – a collection which is actually the beating coronary heart of many media-related, open supply tasks – upnp, x265, libsmb2, dav1d, libass, zlib, GnuTLS, mpg123, and extra.
VLC media participant 3.0.18 additionally updates the library dealing with Blu-ray (unprotected/ decrypted) optical discs, lastly fixing probably the most longstanding bugs cursing this system. Blu-ray (BD-J) menus appear to work as supposed now, though issues are a bit tough with Ultra HD Blu-ray discs in accordance with some temporary exams carried out with just lately bought releases.
Finally, the brand new VLC consists of fixes for a number of safety points, that are detailed on the newest official safety bulletin. The mounted bugs embrace a denial of service problem that could possibly be triggered with a flawed mp4 file (div by 0) (#27202), some crashes with a number of recordsdata on account of double free (#26930), a denial of service problem that could possibly be triggered with a flawed oog file (null pointer dereference) (#27294) and a possible buffer overflow within the vnc module that might set off distant code execution by way of a malicious vnc URL (#27335, CVE-2022-41325).
The 4 patched vulnerabilities might have been utilized by a malicious third celebration to set off both a crash of VLC or an arbitrary code execution with privileges. There aren’t any recognized exploits performing code execution by way of these vulnerabilities, VideoLAN stated.