Ezinsukwini ezithile ezedlule kwethulwe inguqulo entsha ukulungisa isidlali semidiya esidumile I-VLC 3.0.8, lapho izinambuzane ezinqwabelene zilungisiwe nobungozi obungu-13 buhleliwe
Kulezi zinkinga ezintathu (CVE-2019-14970, CVE-2019-14777, CVE-2019-14533) kungaholela ekwakhiweni kwekhodi yabahlaseli lapho uzama ukudlala amafayela wemultimedia yakhelwe ngokukhethekile kumafomethi we-MKV ne-ASF (ukurekhoda okuchichima kwe-buffer nezinkinga ezimbili zokufinyelela kwimemori ngemuva kokuyikhulula)
Ngakolunye uhlangothi ukuba sengozini okune kumashayeli wefomethi I-OGG, AV1, FAAD, ASF zidalwa yikhono lokufunda idatha kusuka ezindaweni zememori ngaphandle kwe-buffer eyabiwe.
Izinkinga ezintathu ziholela ekuchazweni kwesikhombi se-NULL ku-dvdnav, ASF ne-AVI format unpacks. Ukuba sengozini kuvumela ukuchichima kwenani ku-MP4 unpacker.
Mayelana nokuba sengozini okungaguquki
Abathuthukisi be-VLC baqaphele ukuthi inkinga ekwifomethi ye-OGG unpacker (I-CVE-2019-14438) ibifunda kusuka endaweni engaphandle kwe-buffer (funda i-buffer overflow), kepha abacwaningi bezokuphepha ithole isimangalo sokuba sengozini kokuthi kungenzeka kudale ukuchichima kokubhala futhi uhlele ukwenziwa kwekhodi lapho ucubungula amafayela we-OGG, OGM, ne-OPUS nge-block block eyakhiwe ngokukhethekile.
Kukhona nokuba sengozini (I-CVE-2019-14533) kufomethi ye-ASF unpacker, ekuvumela ukuthi ubhale idatha endaweni yememori esivele ikhululiwe futhi uzuze ukwenziwa kwekhodi ngokuskena phambili noma emuva emuva kumugqa wesikhathi ngenkathi udlala amafayela we-WMV ne-WMA.
Futhi, ukukhishwa kwe-CVE-2019-13602 (ukuchichima okuphelele) kanye ne-CVE-2019-13962 (kufundwa kusuka endaweni engaphandle kwe-buffer) kunikezwe izinga eliyingozi kakhulu (8.8 no-9.8), kepha abathuthukisi be-VLC abavumelananga ukuthi lokhu kuba sengozini akuyona ingozi (siphakamisa ukushintsha ileveli ibe ngu-4.3).
Ukulungiswa okungavikelekile kufaka phakathi ukususa amalimi lapho ubuka amavidiyo ngezinga lozimele eliphansi, thuthukisa ukusekelwa kokusakazwa okuguquguqukayo (ikhodi yokuthuthukisa ethuthukisiwe).
Zisiza futhi ukuxazulula izinkinga ngokunikezela ngesihlokwana seWebVTT, ukuthuthukisa okukhipha umsindo kuma-macOS naku-iOS platforms.
Iskripthi sokulanda kusuka ku-YouTube sibuye sabuyekezwa, saxazulula izinkinga ngokusetshenziswa kwe-Direct3D11 ukusebenzisa ukusheshiswa kwehadiwe kumasistimu nabashayeli abathile be-AMD.
Ungayifaka kanjani i-VLC Media Player 3.0.8 ku-Linux?
Okwalabo Abasebenzisi beDebian, Ubuntu, Linux Mint nabesuselwe kokutholakala, vele uthayiphe okulandelayo esigungwini:
Sudo apt-get update sudo apt-get ukufaka i-vlc browser-plugin-vlc
Ngenkathi ye- Labo abangabasebenzisi be-Arch Linux, Manjaro, Arco Linux noma yikuphi ukusatshalaliswa okususelwa ku-Arch Linux, kufanele sithayiphe:
sudo pacman -S vlc
Uma ungumsebenzisi wokusatshalaliswa kwe-KaOS Linux, umyalo wokufaka uyefana ne-Arch Linux.
Manje kulabo abasebenzisi banoma yiluphi uhlobo lwe-OpenSUSE, kufanele bathayiphe kuphela ukuphela okulandelayo ukufaka:
I-sudo zypper ifaka i-vlc
Okwalabo bangabasebenzisi beFedora nanoma ikuphi okuvela kukho, kufanele bathayiphe okulandelayo:
Sudo dnf ukufaka https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$ (rpm -E% fedora) .noarch.rpm sudo dnf install vlc
para konke ukusatshalaliswa kweLinux, singafaka le software ngosizo lwamaphakeji weFlatpak noma we-Snap. Kumele sibe nokuxhaswa kuphela ukufaka izinhlelo zalobu buchwepheshe.
Si sifuna ukufaka ngosizo lwe-Snap, kufanele sithayiphe umyalo olandelayo ku-terminal:
sudo snap ufake i-vlc
Ukufaka inguqulo yomqokelwa uhlelo, yenze no:
I-sudo snap ukufaka i-vlc --candidate
Ekugcineni, uma ufuna ukufaka inguqulo ye-beta yohlelo kufanele uthayiphe:
I-sudo snap ukufaka i-vlc --beta
Uma ufake uhlelo kusuka ku-Snap futhi ufuna ukubuyekezela enguqulweni entsha, kufanele uthayiphe nje:
I-sudo snap ivuselele i-vlc
Ekugcineni kwe-qLabo abafuna ukufaka kusuka ku-Flatpak, kwenze ngomyalo olandelayo:
flatpak ukufaka --user https://flathub.org/repo/appstream/org.videolan.VLC.flatpakref
Futhi uma ngabe bebevele befakiwe futhi bafuna ukuvuselela kufanele bathayiphe:
flatpak --usus buyekeza org.videolan.VLC