{"id":"MGASA-2020-0203","summary":"Updated vlc packages fix security vulnerabilities","details":"Multiple security issues were discovered in the microdns plugin of the\nVLC media player, which could result in denial of service or potentially\nthe execution of arbitrary code via malicious mDNS packets (CVE-2020-6071,\nCVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079,\nCVE-2020-6080).\n\nVLC has been updated to 3.0.10 to fix theese and other issues.\n","modified":"2026-04-16T00:09:06.811552505Z","published":"2020-05-08T10:57:54Z","upstream":["CVE-2019-19721","CVE-2020-6071","CVE-2020-6072","CVE-2020-6073","CVE-2020-6077","CVE-2020-6078","CVE-2020-6079","CVE-2020-6080"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0203.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=26467"},{"type":"WEB","url":"https://www.videolan.org/security/sb-vlc309.html"},{"type":"WEB","url":"https://www.videolan.org/developers/vlc-branch/NEWS"},{"type":"WEB","url":"https://www.debian.org/security/2020/dsa-4671"}],"affected":[{"package":{"name":"vlc","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/vlc?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.10-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0203.json"}},{"package":{"name":"vlc","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/vlc?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.10-1.mga7.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0203.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}