Main menu:

Sponsoring

Please consider a small donation:

 

 

Or you can donate bitcoin:

 

Thanks to TekLinks in Birmingham, AL, for providing colocation and bandwidth.

Page Rank

Fame

FOSS Force Best Blog--2013 Award

Recent posts

Recent comments

About this blog

I am Eric Hameleers, and this is where I think out loud.
More about me.

Search

My Favourites

Slackware

Calendar

November 2014
M T W T F S S
« Oct    
 12
3456789
10111213141516
17181920212223
24252627282930

RSS Alien's Slackware packages

RSS Alien's unofficial KDE Slackware packages

RSS Alien's multilib packages

Meta

New version of VLC fixes security holes

The VideoLAN team have released version 1.0.6 of their VLC player. This version fixes several vulnerabilities which were found during development of the upcoming version 1.1.0.

I have built Slackware packages for vlc-1.0.6 (Slackware 13.0 32-bit and 64-bit) which you can find at the usual place, http://slackware.com/~alien/slackbuilds/vlc/. This is the release announcement in my repository’s ChangeLog.txt:

Fri Apr 23 10:35:49 UTC 2010
vlc: updated to 1.0.6. Several security holes were fixed in this release.
These packages do inotify-tools libnotify contain MP3/AAC audio encoders (playback of mp3/aac audio works fine); you can get packages with MP3/AAC encoding capability at http://slackware.org.uk/people/alien/restricted_slackbuilds/vlc/ as usual.
For playback of encrypted DVDs you’ll additionally need to install libdvdcss.

One remark: I found that the midi plugin (based on fluidsynth) does not work in this package because of a library linking error. I will try to get this resolved for Slackware 13.0 in a new build if I find the time (but KDE 4.4.3 is getting near). When I built a VLC package on Slackware-current, I did not have this issue however.

Note for those who run VLC on an older Slackware:

Older versions of the VideoLAN player will not get patched. Most notably the version 0.8.x which is still widely used. This version has already been vulnerable for some time, and the new vulnerabilities just get added to a growing list. Upgrading to the newest version will not be an option for everybody. Older releases of Slackware but also of other distro’s simply lack the libraries required by the current version of VLC. Too bad… or finally time to upgrade your Slackware?

Eric

Comments

Comment from escaflown
Posted: April 24, 2010 at 02:03

Thanks Eric. And the restricted build http link is also back to work :)
I’m eager to see what you’re cooking for us with the KDE 4.4.3

Pingback from Is Slackware the best operating system you have ever used? | Watch Movies Online
Posted: April 24, 2010 at 02:18

[...] Alien Pastures » New version of VLC fixes security holes [...]

Comment from ariarat
Posted: April 26, 2010 at 15:32

Thanks eric

Comment from Sean
Posted: May 5, 2010 at 17:55

I prefer to install Slack-external software from the Slackbuilds, but VLC is a hornet’s nest of dependencies. So in addition to a general thanks for your role in keeping Slackware both easy and dependable, I want to give a specific thanks for the precompiled VLC package. In fact, two: a 32-bit thanks and a 64-bit thanks.

Write a comment