Popular media player receives 33 security bug fixes, two of which are rated high severity.
Maintainers of the popular open-source VLC media player patched two high-severity bugs Friday. The flaws were an out-of-bounds write vulnerability and a stack-buffer-overflow bug. Developers behind the software, VideoLAN, said the patches were two of 33 fixes being pushed out to the media player and part of a new bug bounty program funded by the European Commission.
“This high number of security issues is due to the sponsoring of a bug bounty program funded by the European Commission, during the Free and Open Source Software Audit (FOSSA) program,” wrote Jean-Baptiste Kempf, president of VideoLAN and open source developer, in a post outlining the patches.