Some Mac owners use VLC in place of the standard DVD Player application for watching DVDs, as it provides a workaround for the region-locking 'feature' that isn't as easily disabled on a Mac as it is on other platforms. (That's particular source of frustration in Australia, where region coding is not a legally enforceable technological protection measure.)
It's also useful for transcoding media files, and can be used as a streaming server.
So what has been fixed in the software?
All versions of VLC media player from 0.9.5 (released in late October) right back to 0.5.0 are vulnerable to attacks via maliciously crafted CUE image files or RealText subtitle files. Such files could exploit stack-based buffer overflows to execute arbitrary code.
Version 0.9.6 fixes these issues, and was released two days after the VideoLAN Project team was notified of the problem by Tobias Klein.
All users are advised to upgrade to the new version, which is available via the VideoLAN home page.