VideoLAN plugs further security vulnerabilities in VLC media player
VLC media player users should update to version 0.8.6h, which is now available to download from the VideoLAN website.
According to the development team, the latest version fixes security vulnerabilities in the GnuTLS, libgcrypt and libxml2 libraries version 0.8.6g or earlier, in Mozilla and ActiveX plugins, in the libpng, libid3tag and libvorbis libraries and in all versions up to and including 0.8.6f of the Speex codec. Because attackers can exploit the vulnerabilities to inject malicious code, VLC users should download and install the new version as soon as possible.
(mba)