Mamwe mazuva apfuura vhezheni itsva yakapihwa kugadzirisa kweye inozivikanwa midhiya mutambi VLC 3.0.8, umo akaunganidzwa bugs akagadziriswa uye gumi nematatu akagadziriswa.
Ndeapi matatu matambudziko (CVE-2019-14970, CVE-2019-14777, CVE-2019-14533) zvinogona kutungamira mukuitwa kweanorwisa kodhi paanenge achiedza kutamba multimedia mafaera yakanyatsogadzirwa muMKV uye ASF mafomati (buffer kufashukira yekurekodha uye matambudziko maviri kuwana memory mushure mekuisunungura).
Kune rumwe rutivi hune hurema mukuomesa mafomati OGG, AV1, FAAD, ASF zvinokonzerwa nekugona kuverenga data kubva kunzvimbo dzekurangarira kunze kwenzvimbo yakapihwa buffer.
Matambudziko matatu anotungamira mukudzikisira iyo NULL pointer mu dvdnav, ASF uye AVI fomati inovhura. Kunetseka kunotendera kuwanda kwenhamba muMP4 unpacker.
Nezve zvakagadziriswa kushomeka
VLC vanogadzira vakacherekedza kuti dambudziko mune OGG fomati unpacker (CVE-2019-14438) yaive kuverenga kubva kunzvimbo iri kunze kweye buffer (verenga buffer kufashukira), asi vezvekuchengetedza vanotsvaga izvo yakawana iyo yekumanikidzwa yekudaidzira kuti zvinokwanisika kunyora kufashukira uye kuronga kodhi kuitisa kana uchigadzirisa OGG, OGM uye OPUS mafaera ane rakasarudzika rakagadzirwa musoro block.
Iko kune zvakare kunetseka (CVE-2019-14533) mune yeASF fomati unpacker, iyo inobvumidza iwe kunyora dhata kune yakatosunungurwa memory memory nzvimbo uye uwane kuitisa kodhi nekukenya kumberi kana kumashure pane iyo nguva yekutamba uchitamba maWMV neWMA mafaera.
Pamusoro pezvo, nyaya CVE-2019-13602 (kuwanda kuzere) uye CVE-2019-13962 (kuverenga kubva munzvimbo iri kunze kwebhafa) yakapihwa njodzi nhanho (8.8 na9.8), asi vagadziri veVLC havana vanobvumirana uye vanofunga kuti izvi zvinokuvadza hazvisi zvine njodzi (taura kuti uchinje danho rive 4.3).
Zvisiri-chengetedzo zvigadziriso zvinosanganisira kubvisa kudzadzarika kana uchiona mavhidhiyo iine yakaderera furemu rate, inatsiridza rutsigiro rwekushambadzira kunoenderana (yakavandudzwa kodhi yekubhaiza).
Ivo zvakare vanobatsira kugadzirisa matambudziko neWebVTT Subtitle rendering, gadziridza odhiyo kuburitsa pane macOS uye iOS mapuratifomu.
Iyo script yekuburitsa kubva kuYouTube yakagadziridzwa zvakare, kugadzirisa matambudziko nekushandisa Direct3D11 kushandisa hardware kumhanyisa mune masisitimu ane mamwe madhiraivha e AMD.
Maitiro ekuisa VLC Media Player 3.0.8 paLinux?
Kune avo vari Debian, Ubuntu, Linux Mint uye vanoshandisa vanoshandisa, ingo nyora zvinotevera mune terminal:
sudo apt-tora sudo apt-tora kuisa vlc browser-plugin-vlc
Panguva ye Ivo avo vari vashandisi veArch Linux, Manjaro, Arco Linux kana chero kugoverwa kwakatorwa kubva kuArch Linux, isu tinofanirwa kunyora:
sudo pacman -S vlc
Kana iwe uri mushandisi wekugovera kweKaOS Linux, iyo yekumisikidza kuraira yakafanana neyaArch Linux.
Zvino kune avo vari vashandisi veimwe vhezheni ye openSUSE, vanofanirwa kungo nyora mune terminal iyo inotevera yekuisa:
sudo zypper gadza vlc
Kune avo vashandisi veFedora uye chero chinobva pazviri, vanofanirwa kunyora zvinotevera:
sudo dnf kuisa https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$ (rpm -E% fedora) .noarch.rpm sudo dnf gadza vlc
Para Mamwe ese ekuparadzirwa kweLinux, tinogona kuisa iyi software nerubatsiro rweFlatpak kana Snap mapakeji. Isu tinongofanirwa kuve nerutsigiro rwekuisa mashandiro eaya matekinoroji.
Si uchida kuisa nerubatsiro rweSnap, isu tinongofanirwa kunyora iwo unotevera kuraira mune iyo terminal:
sudo snap kuisa vlc
Kuisa iyo vhezheni vhezheni yechirongwa, zviite na:
sudo snap yekuisa vlc --candidate
Chekupedzisira, kana iwe uchida kuisa iyo beta vhezheni yechirongwa iwe unofanirwa kunyora:
sudo snap kuisa vlc --beta
Kana iwe ukaisa iko kunyorera kubva kuSnap uye uchida kumutsidzira kune iyo nyowani vhezheni, iwe unofanirwa kunyora kuti:
sudo snap zorodza vlc
Pakupedzisira ye qIvo avo vanoda kuisa kubva kuFlatpak, zviite nemirairo inotevera:
flatpak gadza --user https://flathub.org/repo/appstream/org.videolan.VLC.flatpakref
Uye kana vanga vatove nekuisa uye vachida kugadzirisa vanofanira kunyora:
flatpak --user kugadzirisa org.videolan.VLC