[Solved] VLC 3.0.3 detected as safe
-
-
Thank you.
Yeah, well, as we discussed that, it seems that a guy has found a vuln in 3.0.4.
So it is time to flag all versions as being "Insecure"
Let's hope a new release of VLC comes out one of the next days.
CVE Details is a great site for getting some high level information about the history of a product.
However, CVE itself, has seen better days, unfortunately a lot of vulns are assigned CVEs rather late and a lot never receives a CVE.
Just look at yesterdays Chrome release, where some of the vulns are "To be allocated [a CVE]". That seems odd for such a significant app as Chrome:
https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html -
Tom, is the issue solved (after you flagged all versions as being "Insecure")?
-
@Tom says, 3.0.2, 3.0.3, 3.0.4 are not insecure, but 3.0.4 is recommended . I only found an information, that 3.0.1 is insecure.
-
-
@Tom OK, i did not see it at cve.mitre.org using the search.
-
@Anselm Correction: OK, i did not see it yesterday at cve.mitre.org using the search. But now i knew why:
Date Entry Created
20181205 -
@Anselm VLC 3.0.5 is out
-
@Tom Thank you, I updated it yesterday
-
@Tom
From changelog 3.0.4 to 3.0.5
"Update numerous 3rd party libraries, including for minor security issues"This subject could be close.
Thanks a lot Tom.
-
@GregAlexandre OK, then I mark the topic as Solved