michael.heier/umbrel-apps
1
0
Fork 1
mirror of https://github.com/getumbrel/umbrel-apps.git synced 2024-11-11 16:09:18 +00:00
Code Issues Projects Releases Wiki Activity

Update Jellyfin to v10.8.11 (#796)

Browse Source 
Co-authored-by: nmfretz <nmfretz@gmail.com>
This commit is contained in:
Parth Jadhav 2023-10-06 05:20:14 +05:30 committed by GitHub
parent 1bcd9af3bf
commit 776587169c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
jellyfin/docker-compose.yml
View File

@ -8,7 +8,7 @@ services:
PROXY_AUTH_ADD: "false"
server:
image: linuxserver/jellyfin:10.8.10@sha256:6d425c0a3bcc8a4e13e994ffd728c866c261548ff30c2b22dd095ef57a2bfbbf
image: linuxserver/jellyfin:10.8.11@sha256:09bd29e51d205076ee5027d9828359112b8d091c8324610f43beb438f1f94131
restart: on-failure
hostname: "${DEVICE_HOSTNAME}"
environment:

12
jellyfin/umbrel-app.yml
View File

@ -2,7 +2,7 @@ manifestVersion: 1
id: jellyfin
category: media
name: Jellyfin
version: "10.8.10"
version: "10.8.11"
tagline: The Free Software Media System
description: >-
Jellyfin is the volunteer-built media solution that puts you in control of your media. Stream to any device from your own server, with no strings attached. Your media, your server, your way.
@ -32,10 +32,16 @@ path: ""
defaultUsername: ""
defaultPassword: ""
releaseNotes: >-
⚠️ CRITICAL SECURITY ADVISORY: There's a significant security issue in previous versions, where two vulnerabilities can be paired to allow any Jellyfin user, even those without admin rights, to remotely control the system. One of these issues has been around since the 10.8.0 release, while the other has been present in all versions of Jellyfin up to now. It's essential for all Jellyfin administrators to update to this version, especially if they have untrusted users or if their Jellyfin is accessible on the Internet.
⚠️ PREVIOUS CRITICAL SECURITY ADVISORY: For user's still running Jellyfin version 10.8.9 and below, please update Jellyfin immediately.
There is a significant security issue in previous versions, where two vulnerabilities can be paired to allow any Jellyfin user, even those without admin rights, to remotely control the system.
One of these issues has been around since the 10.8.0 release, while the other has been present in all versions of Jellyfin up to now. It's essential for all Jellyfin administrators to update to this version,
especially if they have untrusted users or if their Jellyfin is accessible on the Internet.
This update is a hotfix release with no new features or major improvements.
Full changelogs for Jellyfin releases can be found here: https://github.com/jellyfin/jellyfin/releases
Full release notes can be found here: https://github.com/jellyfin/jellyfin/releases
torOnly: false
permissions:
- STORAGE_DOWNLOADS