Maintainers of the popular open-source VLC media player patched two high-severity bugs Friday. The flaws were an out-of-bounds write vulnerability and a stack-buffer-overflow bug. Developers behind the software, VideoLAN, said the patches were two of 33 fixes being pushed out to the media player. The fixes are part of a new bug bounty program funded by the European Commission. The EU funded 14 bug bounty programs in hopes of keeping secure the open-source projects that EU institutions rely on.
Source: https://threatpost.com/vlc-player-gets-patched-for-two-high-severity-bugs/145518/

