VLC 3.0.14 media player update with security fixes

A corrective release of the VLC 3.0.13 media player has been published (although the VideoLAN website announces version 3.0.13, the version actually released is 3.0.14, which carries follow-up fixes on top of 3.0.13). The release mainly addresses accumulated bugs and eliminates vulnerabilities.

Improvements include the addition of NFSv4 support, better integration with SMB2-based storage, smoother Direct3D11 rendering, horizontal-axis settings for the mouse wheel, and the ability to scale SSA subtitle text. Bug fixes include artifacts when playing HLS streams and audio problems with MP4 files.

The new release resolves a vulnerability that could potentially lead to code execution when a user interacts with a specially prepared playlist. The problem is similar to the recently announced vulnerability in OpenOffice and LibreOffice involving embedded links, including links to executable files, which are opened after a user clicks without any dialog asking for confirmation of the operation. As an example, it is shown how code execution can be arranged by placing in the playlist a link such as "file:///run/user/1000/gvfs/sftp:host= ,user= ", which, when opened, yields a jar file that is loaded over the WebDAV protocol.
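The playlist issue described above lends itself to a simple defensive check before a playlist from an untrusted source is handed to a player. The following Python script is an added example, not code from the article or from the VLC project: it parses an M3U playlist (the article does not name the playlist format, so M3U is an assumption) and flags entries that use a scheme a media player would not normally stream from, pass through a GVfs mount of a remote share, or point at an executable file type. The sample playlist, the host name example.invalid, the user name alice and the file names payload.jar and installer.exe are constructed for the example.

```python
"""Flag suspicious entries in an M3U playlist before handing it to a media player."""
from urllib.parse import urlsplit, unquote
import posixpath

# Schemes a media player is expected to stream from (assumption for this example).
EXPECTED_SCHEMES = {"file", "http", "https", "rtsp", "rtp", "udp", "mms",
                    "smb", "nfs", "ftp", "sftp"}
# File types that have no business being referenced from a playlist.
EXECUTABLE_EXTENSIONS = {".jar", ".exe", ".msi", ".bat", ".cmd", ".sh", ".desktop"}

# Constructed sample: two benign entries and two that should be flagged.
SAMPLE_PLAYLIST = """#EXTM3U
#EXTINF:-1,Intro clip
https://media.example.invalid/clips/intro.mp4
#EXTINF:-1,Local album track
Music/track01.flac
#EXTINF:-1,Labelled as a movie, but points at a Java archive on a mounted SFTP share
file:///run/user/1000/gvfs/sftp:host=example.invalid,user=alice/payload.jar
#EXTINF:-1,Unexpected transport and an installer
dav://share.example.invalid/drop/installer.exe
"""


def parse_m3u(text):
    """Return the location lines of an M3U playlist, skipping comments and directives."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#"):
            entries.append(line)
    return entries


def classify_entry(entry):
    """Return the reasons an entry looks suspicious (an empty list means nothing was noted)."""
    reasons = []
    parts = urlsplit(entry)
    scheme = parts.scheme.lower()
    # A one-letter "scheme" is a Windows drive letter, not a URL scheme.
    if len(scheme) <= 1:
        scheme, path = "", entry
    else:
        path = unquote(parts.path)

    if scheme and scheme not in EXPECTED_SCHEMES:
        reasons.append(f"unexpected scheme '{scheme}'")
    if scheme == "file" and parts.netloc not in ("", "localhost"):
        reasons.append("file URI with a remote host component")
    # GVfs exposes remote shares (sftp, dav, smb) under a local FUSE path, so a
    # plain file:// entry can quietly fetch content from another machine.
    if "/gvfs/" in path:
        reasons.append("path goes through a GVfs mount of a remote share")
    ext = posixpath.splitext(path)[1].lower()
    if ext in EXECUTABLE_EXTENSIONS:
        reasons.append(f"executable file type '{ext}'")
    return reasons


def scan_playlist(text):
    """Return (entry, reasons) pairs for every flagged entry in the playlist."""
    flagged = []
    for entry in parse_m3u(text):
        reasons = classify_entry(entry)
        if reasons:
            flagged.append((entry, reasons))
    return flagged


if __name__ == "__main__":
    for entry, reasons in scan_playlist(SAMPLE_PLAYLIST):
        print(entry)
        for reason in reasons:
            print("   -", reason)
```

Run as-is, the script reports the jar entry (GVfs path plus executable type) and the dav:// entry (unexpected scheme plus executable type) while leaving the two media entries untouched. The check is deliberately conservative about extensions: it only flags known executable types rather than everything that is not a media file, so an unfamiliar but harmless container format does not drown the report in noise.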

VLC 3.0.13 also fixes several further vulnerabilities: bugs that write data outside buffer boundaries when processing malformed MP4 media files, a use-after-free bug in the Kate decoder, and an issue in the automatic update delivery system that allowed updates to be spoofed in MITM attacks.

Source: opennet.ru