[SOLVED] ["at least for me"] VLC UPDATE

[DAMIEN1307]

hi folks...gotta question here...its reported that vlc as well as kodi and other players have a hackable flaw regarding captioning etc...they advise updating the player...ive looked for any info on this and not coming up with anything coherent such as updating it for the most appropriate version for linux mint cinnamon 18.1 serena edition based on ubunto 16.04 in order to update my vlc version 2.2.2 which is what i have from the repository...the articles im reading say current version is 2.2.6...i cannot seem to find it or any cognizant way to update it even if i could...i found also that vlc forums is a horribly written affair unlike linux forum which i find quite logical to follow...when i type in vlc update into the forum site i get info for everything else but what i asked for...any insight will be greatly appreciated...thanks for reading...DAMIEN

[xenopeek]

I guess you're talking about the vulnerability with subtitle files? If you're worried about this the best advice may be for now to not use subtitle files. Until you have VLC 2.2.6 or otherwise get a VLC version with this vulnerability fixed.

All but a select few distros have yet to fix these issues. Linux Mint 17.x and 18.x are both affected as they use VLC from respectively the Ubuntu Trusty and Xenial package base repositories. Track the status of VLC CVEs for those here: http://people.canonical.com/~ubuntu-sec ... g/vlc.html. Short of compiling VLC 2.2.6 from source there does not appear to be a ready package available for Ubuntu and thus not for Linux Mint. Not even the "daily build" (ahem) PPA of VLC itself is up to date.

LMDE 2 based on Debian Jessie is also affected. Track the status here: https://security-tracker.debian.org/tra ... ackage/vlc. For LMDE 2 you can if you must install VLC from Debian Stretch (aka Testing) and that has the fixed version. See instructions for using Debian Testing on LMDE 2 the right way: viewtopic.php?t=212502. This doesn't help you if you're using Linux Mint 17.x or 18.x though.

[o-l-d]

I have found a 3rd party ppa for installing VLC 2.2.6 but think I will wait for it to be included in VLC's official builds. The article is here but I am unsure of how trustworthy the ppa is. http://ubuntuhandbook.org/index.php/201 ... ugs-fixed/

[DAMIEN1307]

thanks folks...i pretty much decided also that i am content to wait for the normal update manager to handle this problem as i hate leaving the tried and true repository system that so far has worked flawlessly for me...i am in no way one of those people that gets my undies in a bunch because i can't have everything on demand as some have become accustomed too...i would much rather wait for the update manager process that resonably insures that we have safe and secure updates without inherent bugs, flaws etc....thanks for the input...DAMIEN