Why it issues: VLC is universally considered among the finest (if not one of the best) media gamers out there right this moment. A brand new model launched a few days in the past brings additional enhancements for this system’s compatibility, stability, safety and format help.
VideoLAN, the non-profit group selling the facility of open supply to rock the multimedia world, has simply launched a brand new model of VLC media participant. VLC 3.0.18 is the nineteenth replace of the “Vetinari” codebase, and is a a lot wanted one for each informal customers and longtime followers of this system.
VLC media participant 3.0.18 provides help for a couple of codecs, improves adaptive streaming help, fixes some crashes and updates many third get together libraries, VideoLAN stated. The brand new media participant fixes searching for for some media codecs, improves file compatibility with older GPUs, and treatments choose SMB protocol behaviors.
Moreover, the replace avoids a playlist reside loop in case of solely very tiny or failed gadgets, solves “quite a few” crash-related bugs and provides help for DVBSub inside MKV media recordsdata. The listing of libraries and parts that have been up to date consists of FFmpeg – a collection which is basically the beating coronary heart of many media-related, open supply initiatives – upnp, x265, libsmb2, dav1d, libass, zlib, GnuTLS, mpg123, and extra.
VLC media participant 3.0.18 additionally updates the library dealing with Blu-ray (unprotected/ decrypted) optical discs, lastly fixing probably the most longstanding bugs cursing this system. Blu-ray (BD-J) menus appear to work as supposed now, despite the fact that issues are a bit tough with Extremely HD Blu-ray discs based on some transient exams performed with lately bought releases.
Lastly, the brand new VLC consists of fixes for a number of safety points, that are detailed on the newest official safety bulletin. The mounted bugs embrace a denial of service difficulty that may very well be triggered with a incorrect mp4 file (div by 0) (#27202), some crashes with a number of recordsdata as a consequence of double free (#26930), a denial of service difficulty that may very well be triggered with a incorrect oog file (null pointer dereference) (#27294) and a possible buffer overflow within the vnc module that would set off distant code execution via a malicious vnc URL (#27335, CVE-2022-41325).
The 4 patched vulnerabilities might have been utilized by a malicious third get together to set off both a crash of VLC or an arbitrary code execution with privileges. There are not any recognized exploits performing code execution via these vulnerabilities, VideoLAN stated.