170 matches found
openSUSE 15 Security Update : minidlna (openSUSE-SU-2022:0079-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2022:0079-1 advisory. - A DNS rebinding issue in ReadyMedia formerly MiniDLNA before 1.3.1 allows a remote web server to exfiltrate media files. CVE-2022-26505 Note that...
Security update for minidlna (moderate)
openSUSE Security Update: Security update for minidlna Announcement ID: openSUSE-SU-2022:0079-1 Rating: moderate References: 1181400 1196814 Cross-References: CVE-2022-26505 CVSS scores: CVE-2022-26505 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Backports...
OPENSUSE-SU-2022:0079-1 Security update for minidlna
This update for minidlna fixes the following issues: minidlna was updated to version 1.3.1 boo1196814 - Fixed a potential crash in SSDP request parsing. - Fixed a configure script failure on some platforms. - Protect against DNS rebinding attacks. CVE-2022-26505 - Fix an socket leakage issue on...
ReadyMedia has unspecified vulnerabilities
ReadyMedia formerly MiniDLNA is a set of media service software compatible with LNA/UPnP-AV clients. The software supports media files such as music, pictures, videos, etc. A security vulnerability in DNS exists in versions of ReadyMedia formerly MiniDLNA prior to 1.3.1, which stems from a DNS...
DEBIAN-CVE-2022-26505
A DNS rebinding issue in ReadyMedia formerly MiniDLNA before 1.3.1 allows a remote web server to exfiltrate media files...
CVE-2022-26505
A DNS rebinding issue in ReadyMedia formerly MiniDLNA before 1.3.1 allows a remote web server to exfiltrate media files...
CVE-2022-26505
CVE-2022-26505 affects ReadyMedia (MiniDLNA) prior to 1.3.1. A DNS rebinding flaw lets a remote web server exfiltrate media files. Public advisories (Debian, Gentoo GLSA, openSUSE, Ubuntu USN) show affected versions range up to 1.3.1 and note updates/patches (e.g., Debian DLA-2973 fixes in 1.1.6+...
Mageia: Security Advisory (MGASA-2020-0483)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-4722-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : ReadyMedia (MiniDLNA) vulnerabilities (USN-4722-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4722-1 advisory. It was discovered that ReadyMedia MiniDLNA allowed subscription requests with a delivery URL on a different network segment than...
[SECURITY] [DSA 4806-2] minidlna regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-4806-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 05, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4806-2] minidlna regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-4806-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 05, 2021 https://www.debian.org/security/faq -...
DSA-4806-2 minidlna - regression update
Bulletin has no description...
Updated minidlna packages fix security vulnerabilities
It was discovered that minidlna does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue CVE-2020-12695. Minidlna before versions 1.3.0 allows remote code execution...
MGASA-2020-0483 Updated minidlna packages fix security vulnerabilities
It was discovered that minidlna does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue CVE-2020-12695. Minidlna before versions 1.3.0 allows remote code execution...
Debian: Security Advisory (DLA-2489-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2489-1 : minidlna security update
It was discovered that missing input validation in minidlna, a lightweight DLNA/UPnP-AV server could result in the execution of arbitrary code. In addition minidlna was susceptible to the 'CallStranger' UPnP vulnerability. For Debian 9 stretch, these problems have been fixed in version...
[SECURITY] [DLA 2489-1] minidlna security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2489-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz December 10, 2020 https://wiki.debian.org/LTS -...
OPENSUSE-SU-2020:2226-1 Security update for minidlna
This update for minidlna fixes the following issues: minidlna was updated to version 1.3.0 boo1179447 - Fixed some build warnings when building with musl. - Use $USER instead of $LOGNAME for the default friendly name. - Fixed build with GCC 10 - Fixed some warnings from newer compilers - Disallow...
Security update for minidlna (moderate)
openSUSE Security Update: Security update for minidlna Announcement ID: openSUSE-SU-2020:2226-1 Rating: moderate References: 1179447 Cross-References: CVE-2020-12695 CVE-2020-28926 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes two vulnerabilities is now available...