Debian 10225 Published by

A vlc security update has been released for Debian GNU/Linux 9 LTS to address two vulnerabilities.



ELA-1016-1 vlc security update

Package : vlc
Version : 3.0.20-0+deb9u1 (stretch)

Related CVEs :
CVE-2023-47359
CVE-2023-47360

Two vulnerabilities in the MMS over HTTP protocol have been fixed in the
VLC media player, which has also been upgraded to the latest upstream version.

CVE-2023-47359
Heap buffer overflow in the MMSH module.

CVE-2023-47360
Integer underflow in the MMSH module.

ELA-1016-1 vlc security update