[vlc-devel] End-Of-Life for VLC 2.2.x "Weatherwax"
jb at videolan.org
Tue Jul 24 19:41:16 CEST 2018
Dear users of VLC and packagers,
This is a short announce to tell you that VLC 2.2.x is now completely end-of-life.
The number of security issues that have been fixed in 3.0.x, notably on the MKV, MP4 and ASF modules, make it impossible to support the 2.2.x branch, because they are very hard to backport (or almost impossible).
We're notably speaking of CVE-2018-11529 and CVE-2017-17670 security issues, but they are only the tip of the iceberg.
Indeed, even if we could fix those 2 issues, many more have been fixed in the 3.0.x version.
Therefore, you should really update to VLC 3.0.3.
VLC 3.0.x are LTS versions anyway, so you should focus on those, because they will be maintained longer, notably for security issues.
With my very best regards,
Jean-Baptiste Kempf - President
+33 672 704 734
More information about the vlc-devel