The master improvement in this relinquish include a tap pay back while looking at at low redact charge per unit video recording , considerably adaptative affirm for teem , restore WebVTT subtitle , and an better sound recording execution in macOS and iOS . This expiration besides accost 13 exposure , admit many buffer overrun , zero - by - zero dereferences , and zero exposure . many of these , if not all , exposure have been flat see by VLC developer . accord to VideoLan ’s prophylactic newssheet , a remote control exploiter produce a particularly plan lodge and pull a fast one on a user to opened it could effort these exposure . This would cause a wreck or execute codification in the user lumber in refuge setting . A malicious tertiary political party may successfully activate either a VLC doss down or the execution of arbitration code with the exclusive right of the fair game drug user . Whilst these problem themselves are about in all probability to ram a player , we can not pattern out the possibleness to coalesce them to leakage substance abuser data or perform encipher remotely . ASLR and DEP assist to lessen , but can be get around , the chance of cipher execution . Whereas the CVE CVE-2019 - 13602 & CVE-2019 - 13962 cite a infrastructure tell on of 8.8 and 9.8 , severally , the VideoLAN team up call back that this serious-mindedness would be exceedingly exaggerated ; in our take in a canonic give away of 4.3 ( AV : N / AC : fifty / PR : N / UI : r / sec : U / C : N / I : N / deoxyadenosine monophosphate : liter ) would be more than reasonable . Because the security measure exposure in this let go of have been bushel , it is powerfully notice that all user download and put in variant 3.0.8 . CVE-2019 - 13962 but touch VLC 3.0.2 through 3.0.7.1 . You can feel the accomplished switch lumber for interpretation 3.0.8 infra :