[Solved] VLC 3.0.11 not detected as unsecure without available patch
At this time (2021-01-16) VLC 3.0.11 is known to be unsecure without available patch: https://nvd.nist.gov/vuln/detail/CVE-2020-26664 .
Vulndetect does not display it as unsecure and does not states that there is no available patch.
Hope this helps.
@GregAlexandre Thank you.
It appears that they do have a fix in the pipeline:
For some reason they haven't released 3.0.12 yet.
We have flagged 3.0.11 as Insecure and will closely monitor the release of 3.0.12.
Earlier today the installer for 3.0.12 was released, and short time ago the security page was updated. However, the actual VideoLAN advisory, is still 404.
Anyway, the rule is updated and a package is available, and the first users and customers has applied the updated version.
Again, thank you for reporting this.
OK, then I mark this issue as solved.