[German]Another little addendum: A few days ago (on January 10, 2019) the developers of VideoLan released the VLC Player version 3.0.6 for Linux, macOS and Windows. This version closes a Denial of Service vulnerability of the previous versions.
I was offered the update a few days ago when VLC Player 3.0.5 was launched. It is a maintenance update, which brings some minor fixes. The change log indicates the following:
* Fix potential subtitle picture allocation failures
* Add support for 12 bits decoding of AV1
* Fix HDR support in AV1 when the container provides the metadata
The German BürgerCERT warns within this article about a Denial of Service and Information disclosure vulnerability in older versions, that has been fixed in VLC 3.0.6. The new VLC player may be downloaded from this web site for Linux, macOS and Windows.