[Slackbuilds-users] VLC subtitle handling vulnerability

Christoph Willing chris.willing at linux.com
Wed May 24 10:28:32 UTC 2017

On 24/05/17 15:59, David O'Shaughnessy wrote:
> Just a heads up (maintainer cc'd in) about a vulnerability found in VLCs
> handling of subtitles:
> http://blog.checkpoint.com/2017/05/23/hacked-in-translation/
> It's fixed in the latest release. The build on SBo seems to be a
> development version though, so I'm not sure if this is relevant or not.

Thanks for the report Dave.

I've just pushed a new version that addresses the vulnerability (thanks
to Matteo for the updated source tarball).

I think we generally frown on using development versions but the
official releases (including don't yet support the version of
ffmpeg we have at SBo.


More information about the SlackBuilds-users mailing list