Stretch security updates VLC to 3.0.6

[stevepusser]

Apparently 3.0.3 could not be patched to fix the security holes. Compared with the vlc 3.0.6 in my own backports repos, they disabled many features that can't be built with stock Stretch libraries, but my packages are still versioned higher than Stretch's, (not with a nasty epoch like deb-multimedia, though!), so they will still be seen as upgrades.

[kevinthefixer]

Just curious, Steve, what features are disabled?

[stevepusser]

One of them is AV1 video codec playback, another is spatial audio provided by libspatialaudio, and still another is support for

ARIB STD-B24 is a character set encoding used for subtitles when broadcasting MPEG-2 TS streams. This library provides a decoder of this character set.

[kevinthefixer]

Thanks, I'll have to look into this, I have some old home videos in AVI that I might want to see someday.

[stevepusser]

That's the hot new av1 video codec, not the old .avi video container.

[kevinthefixer]

Oops. And here I thought the new lens in my strong eye and the new glasses were working well. Perhaps the problem lies an inch or two behind my eyes?

[llivv]

Is this post related? have any of you seen this hash mismatch from apt with libvlc in stable?
Problem with APT-GET UPGRADE
it installed fine for me when I tried it yesterday, but I only installed libvlc5 and 3 dep libs that came with it.

[stevepusser]

It was my impression that vlc 3.0.6 will upgrade more than just 4 packages from vlc 3.0.3. You don't have deb-multimedia packages clogging up the upgrade pipe, do you?

Try

Code: Select all

apt list --installed vlc* libvlc*

make sure the versions match.