Amahora ambalwa edlule a iphutha kwezokuphepha kuVLC elimakwe ngo-9.8 koku-10 esikalini sengozi. "Ukwehluleka okubucayi" kutholwe yi-CERT-Bund futhi kwashicilelwa ngu WinFuture (ngesiJalimane), lapho bachaza ukuba sengozini okuvumela ukwenziwa kwekhodi yesilawuli kude, okungavumela umsebenzisi onobungozi ukuthi afake, aguqule noma enze ikhodi ngaphandle kokubona kwethu noma ukufinyelela amafayela kusistimu yethu. Iphinde yasatshalaliswa ngu Miter.
Izinguqulo ezithintekile kuzoba ezeLinux, Windows ne-Unix, ne-macOS iphephile, konke ngokusho kweWinFuture neminye imithombo esabalalise lolu lwazi. Izindaba ezimnandi ukuthi akekho osebenzise ubungozi, okuthi, kanye nenguqulo yeVideoLan, kusishiye sizibuza ukuthi ngabe konke lokhu kungokoqobo noma i-alamu engamanga. Kepha iqiniso ukuthi inguqulo yeVideoLan, noma umuntu wesithathu owathi bakha isichibi se-60%, kusishiya sinokungabaza okuningi ngokwenzekayo.
Hhayi isiphazamisi se-VLC
Ngabe uke wakubheka lokhu?
Akekho ongakwazi ukukhiqiza lolu daba lapha.- I-VideoLAN (@videolan) July 23, 2019
Ngabe uke wakubheka lokhu? Akekho ongazala lolu daba lapha »
Ngesikhathi salokhu kubhalwa, iVideoLan ibonakala ithukuthele kakhulu ngokwenziwe yiCVE noMiter. Okokuqala bayakhononda ukuthi bebengakaxhumani nabo nhlobo iminyaka futhi manje basishicilela lesi sinqumo ngaphandle kokubatshela lutho. Bese besho lokho hhayi i-VLC glitch, kepha kusuka kumtapo wezincwadi ovela eceleni ohlobene namafayela we-MKV, olungisiwe izinyanga:
Mayelana "nenkinga yezokuphepha" ku #VLC : IVLC ayisengozini.
tl; dr: inkinga ikulabhulali yomuntu wesithathu, ebizwa nge-libebml, eyalungiswa ngaphezulu kwezinyanga eziyi-3 ezedlule.
IVLC kusukela enguqulweni engu-3.0.3 inenguqulo efanele ethunyelwe, futhi @MITREcorp akazange ahlole ngisho nesimangalo sabo.Intambo:
- I-VideoLAN (@videolan) July 24, 2019
"Mayelana 'nephutha lokuphepha' ku- # VLC": I-VLC ayisengozini. tl; dr: isiphazamisi sikulabhulali yomuntu wesithathu, ebizwa nge-libebml, eyalungiswa ngaphezulu kwezinyanga eziyi-16 ezedlule. IVLC iletha inguqulo efanele kusukela ngo-3.0.3, kanti uMiter akazange abheke nokuthi ushicilele ini »
Isiphazamisi esinzima kakhulu ukusizakala
Inkampani eyenza omunye wabadlali abadume kakhulu emhlabeni nayo inesinye isikhalazo: kungenzeka kanjani lokho i-glitch engakwazi ukuxhashazwa uzuze i-9.8 kokuyi-10 esikalini sobungozi? Baphinde bathi, esimweni esibi kakhulu, akunakwenzeka ukweba idatha kwikhompyutha noma ukwenza ikhodi ukude, okubi kakhulu okungukudala "ukuphahlazeka" kuhlelo lokusebenza.
I-VideoLan isivele isetshenzisiwe isichibi okuxazulula i- Ukwehluleka ukuthi bathi akusekho kusidlali sakho. Baqinisekisa ukuthi iyalungiswa kusukela i-VLC v3.0.3, kepha emizuzwini embalwa edlule bamake leso sichibi ngokuthi "sivaliwe". Iqiniso ukuthi i-3.0.3 ibonakala njengenguqulo ethintekile. Njengokungathi lokho bekunganele, i-NIST iguqule ukungena ngalesi sengozini ethi «Lokhu kuba sengozini kushintshiwe kusukela kwagcina ukuhlaziywa yi-NVD. Ulinde ukuhlaziywa okusha okungaholela kuzinguquko ezintsha kulwazi olunikeziwe", okusho ukuthi ukuhlaziywa kokuqala akulungile.
Abanye bathi kuyingozi kakhulu ukusebenzisa i-VLC, kuye kwanconywa nokuthi uyikhiphe, abanye bathi kufanele uhlole okushicilelwe nokuthi i-bug ayikho, abanye bashintsha ama-athikili abo oqobo ... Okuwukuphela kwento eqinisekile ukuthi angiyikhiphi i-VLC.