Lucene search

K
suseSuseOPENSUSE-SU-2020:2204-1
HistoryDec 08, 2020 - 12:00 a.m.

Security update for minidlna (moderate)

2020-12-0800:00:00
lists.opensuse.org
15

0.071 Low

EPSS

Percentile

94.0%

An update that fixes two vulnerabilities is now available.

Description:

This update for minidlna fixes the following issues:

minidlna was updated to version 1.3.0 (boo#1179447)

 - Fixed some build warnings when building with musl.
 - Use $USER instead of $LOGNAME for the default friendly name.
 - Fixed build with GCC 10
 - Fixed some warnings from newer compilers
 - Disallow negative HTTP chunk lengths. [CVE-2020-28926]
 - Validate SUBSCRIBE callback URL. [CVE-2020-12695]
 - Fixed spurious warnings with ogg coverart
 - Fixed an issue with VLC where browse results would be truncated.
 - Fixed bookmarks on Samsung Q series
 - Added DSD file support.
 - Fixed potential stack smash vulnerability in getsyshwaddr on macOS.
 - Will now reload the log file on SIGHUP.
 - Worked around bad SearchCriteria from the Control4 Android app.
 - Increased max supported network addresses to 8.
 - Added forced alphasort capability.
 - Added episode season and number metadata support.
 - Enabled subtitles by default for unknown DLNA clients, and add
   enable_subtitles config option.
 - Fixed discovery when connected to certain WiFi routers.
 - Added FreeBSD kqueue support.
 - Added the ability to set the group to run as.

This update was imported from the openSUSE:Leap:15.2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Backports SLE-15-SP2:

    zypper in -t patch openSUSE-2020-2204=1