You are here

Home » Forums » Support Forums » Music & Video Apps Support

[Closed] VLC subtitle vulnerabilty

3 posts / 0 new
Log in or register to post comments
Last post
May 24, 2017 - 3:15am
#1
rganny
Offline
Last seen: 6 months 3 weeks ago
Joined: 2017-03-10 03:00
[Closed] VLC subtitle vulnerabilty

VLC 2.2.4 (current version here) has a serious bug that allows complete device takeover. This has been known by VLC for months, and a preliminary fix was included in v2.2.5.1 release back in January 2017. Why has the portable version here not been updated? If we users are to rely on the software offered here, it would be nice to be able to have confidence that security problems are addressed in a timely manner.

I expect the developers here to pay attention to SERIOUS bugs.
Reference the VLC site and Torrent Freak at https://torrentfreak.com/malicious-subtitles-threaten-kodi-vlc-and-popco...

Top
May 24, 2017 - 6:52am
depp.jones
Offline
Last seen: 1 hour 48 min ago
DeveloperTranslator
Joined: 2010-06-05 17:19
There is a thread called

There is a thread called Outdated Official Apps here, where you could easily post information on updates.
Please note, that all developers here at PortableApps.com work on apps in their spare time. Sometimes updates are missed and we rely on community members like yourself to remind us. Feel free to help us and do some monitoring.

Top
May 24, 2017 - 11:18am
John T. Haller
John T. Haller's picture
Online
Last seen: 55 min 25 sec ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Updated, Let Us Know In the Future

I've updated VLC Portable to 2.2.5.1, pushed to mirrors, and pushed to platform users.

In the future, please let us know in the Outdated App thread linked above when an app is out of date. If there is a security vulnerability being patched, please let us know that as well. We generally have apps with security apps updated within a few hours as they get priority. I didn't realize there was a security vulnerability in this update of VLC so it hadn't been marked as priority.

Also, for clarification, VLC 2.2.5.1 was released on May 12, not in January.

Sometimes, the impossible can become possible, if you're awesome!

Top
Log in or register to post comments