UltiMedia is distributed as rolling builds, with the most recent core published on the Releases page. Only the latest release is supported; please reproduce any issue against the latest build before reporting.
| Version | Supported |
|---|---|
| Latest release | ✅ |
| Older builds | ❌ |
This core parses untrusted input — playlists (.m3u), audio files (MP3, OGG, FLAC, WAV), and image files for album art — using third-party decoders. Malformed media is the most likely source of memory-safety issues, so reports in that area are especially welcome.
Please do not open a public issue for security problems. Instead, report privately through GitHub:
- Go to the Security advisories page.
- Click Report a vulnerability and describe the issue, including a sample file or playlist that reproduces it when possible.
You can expect an initial response within a reasonable time frame. Once a fix is available, it will ship in a new release.