Iyo itsva vhezheni yeVLC 3.0.8 inosvika nemhinduro yezvinetso zvakasiyana zvekuchengetedza

Darkcrizt

4 maminitsi

Mamwe mazuva apfuura vhezheni itsva yakapihwa kugadzirisa kweye inozivikanwa midhiya mutambi VLC 3.0.8, umo akaunganidzwa bugs akagadziriswa uye gumi nematatu akagadziriswa.

Ndeapi matatu matambudziko (CVE-2019-14970, CVE-2019-14777, CVE-2019-14533) zvinogona kutungamira mukuitwa kweanorwisa kodhi paanenge achiedza kutamba multimedia mafaera yakanyatsogadzirwa muMKV uye ASF mafomati (buffer kufashukira yekurekodha uye matambudziko maviri kuwana memory mushure mekuisunungura).

Kune rumwe rutivi hune hurema mukuomesa mafomati OGG, AV1, FAAD, ASF zvinokonzerwa nekugona kuverenga data kubva kunzvimbo dzekurangarira kunze kwenzvimbo yakapihwa buffer.

Matambudziko matatu anotungamira mukudzikisira iyo NULL pointer mu dvdnav, ASF uye AVI fomati inovhura. Kunetseka kunotendera kuwanda kwenhamba muMP4 unpacker.

Nezve zvakagadziriswa kushomeka

VLC vanogadzira vakacherekedza kuti dambudziko mune OGG fomati unpacker (CVE-2019-14438) yaive kuverenga kubva kunzvimbo iri kunze kweye buffer (verenga buffer kufashukira), asi vezvekuchengetedza vanotsvaga izvo yakawana iyo yekumanikidzwa yekudaidzira kuti zvinokwanisika kunyora kufashukira uye kuronga kodhi kuitisa kana uchigadzirisa OGG, OGM uye OPUS mafaera ane rakasarudzika rakagadzirwa musoro block.

Iko kune zvakare kunetseka (CVE-2019-14533) mune yeASF fomati unpacker, iyo inobvumidza iwe kunyora dhata kune yakatosunungurwa memory memory nzvimbo uye uwane kuitisa kodhi nekukenya kumberi kana kumashure pane iyo nguva yekutamba uchitamba maWMV neWMA mafaera.

Pamusoro pezvo, nyaya CVE-2019-13602 (kuwanda kuzere) uye CVE-2019-13962 (kuverenga kubva munzvimbo iri kunze kwebhafa) yakapihwa njodzi nhanho (8.8 na9.8), asi vagadziri veVLC havana vanobvumirana uye vanofunga kuti izvi zvinokuvadza hazvisi zvine njodzi (taura kuti uchinje danho rive 4.3).

Zvisiri-chengetedzo zvigadziriso zvinosanganisira kubvisa kudzadzarika kana uchiona mavhidhiyo iine yakaderera furemu rate, inatsiridza rutsigiro rwekushambadzira kunoenderana (yakavandudzwa kodhi yekubhaiza).

Ivo zvakare vanobatsira kugadzirisa matambudziko neWebVTT Subtitle rendering, gadziridza odhiyo kuburitsa pane macOS uye iOS mapuratifomu.

Iyo script yekuburitsa kubva kuYouTube yakagadziridzwa zvakare, kugadzirisa matambudziko nekushandisa Direct3D11 kushandisa hardware kumhanyisa mune masisitimu ane mamwe madhiraivha e AMD.

Maitiro ekuisa VLC Media Player 3.0.8 paLinux?

Kune avo vari Debian, Ubuntu, Linux Mint uye vanoshandisa vanoshandisa, ingo nyora zvinotevera mune terminal:

sudo apt-tora sudo apt-tora kuisa vlc browser-plugin-vlc

Panguva ye Ivo avo vari vashandisi veArch Linux, Manjaro, Arco Linux kana chero kugoverwa kwakatorwa kubva kuArch Linux, isu tinofanirwa kunyora:

sudo pacman -S vlc

Kana iwe uri mushandisi wekugovera kweKaOS Linux, iyo yekumisikidza kuraira yakafanana neyaArch Linux.

Zvino kune avo vari vashandisi veimwe vhezheni ye openSUSE, vanofanirwa kungo nyora mune terminal iyo inotevera yekuisa:

sudo zypper gadza vlc

Kune avo vashandisi veFedora uye chero chinobva pazviri, vanofanirwa kunyora zvinotevera:

sudo dnf kuisa https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$ (rpm -E% fedora) .noarch.rpm sudo dnf gadza vlc

Para Mamwe ese ekuparadzirwa kweLinux, tinogona kuisa iyi software nerubatsiro rweFlatpak kana Snap mapakeji. Isu tinongofanirwa kuve nerutsigiro rwekuisa mashandiro eaya matekinoroji.

Si uchida kuisa nerubatsiro rweSnap, isu tinongofanirwa kunyora iwo unotevera kuraira mune iyo terminal:

sudo snap kuisa vlc

Kuisa iyo vhezheni vhezheni yechirongwa, zviite na:

sudo snap yekuisa vlc --candidate

Chekupedzisira, kana iwe uchida kuisa iyo beta vhezheni yechirongwa iwe unofanirwa kunyora:

sudo snap kuisa vlc --beta

Kana iwe ukaisa iko kunyorera kubva kuSnap uye uchida kumutsidzira kune iyo nyowani vhezheni, iwe unofanirwa kunyora kuti:

sudo snap zorodza vlc

Pakupedzisira ye qIvo avo vanoda kuisa kubva kuFlatpak, zviite nemirairo inotevera:

flatpak gadza --user https://flathub.org/repo/appstream/org.videolan.VLC.flatpakref

Uye kana vanga vatove nekuisa uye vachida kugadzirisa vanofanira kunyora:

flatpak --user kugadzirisa org.videolan.VLC

Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa. Raida minda anozivikanwa ne *

*

*

  1. Inotarisira iyo data: Miguel Ángel Gatón
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako