[SECURITY] [DLA 2973-1] minidlna security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2973-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Thorsten Alteholz
April 10, 2022 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : minidlna
Version : 1.1.6+dfsg-1+deb9u2
CVE ID : CVE-2022-26505
An issue has been found in minidlna, a lightweight DLNA/UPnP-AV server
targeted at embedded systems. HTTP requests needed more checks to protect
against DNS rebinding, thus forbid a remote web server to exfiltrate
media files.
For Debian 9 stretch, this problem has been fixed in version
1.1.6+dfsg-1+deb9u2.
We recommend that you upgrade your minidlna packages.
For the detailed security status of minidlna please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/minidlna
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmJSCYpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEdoVg/+LypviYUbVmDH/81bzscltxNbgVoTRkuqByaGbuMhjqAKPTPiCB8+Iep6
+WxTYEHvayue+eRgCkn8LhPMNfLVS8sX+d558j+LbEAHgEWzYVkKSiDbVIbdqSn9
tejUy0Ewi0i77mvtsg/AlWphz78JSB4cAdShBR5asKxeyMxUgKNxnhdM+9fSwN2R
32VOcoIXrgQLcPOPzZxYRGWcwj7SK0CuIsUXu0oeIMdkpBXDQOI2pau6qlS8SL2X
6mllt+Cun/ALVj1R1OuO2C3YQ0Njp//MH2ffTqE2gu7zylybMwUkUvYL8TnpAzqh
TJrEApqSrEPwJuH7pE7Be+uWtAFgr1WPcBdXulxpucryfW2Cr6pR0+C79foenDlz
nJSg/qxpVDipdbI3anTp/xvGdHNYTkuI3Nw6b+d8MnW18cbcmoH0A58UMlINhh7z
UDk45lP7f09NCG+lyT6eKFFt2nsgPjp6sq3YnIKJdwmol2DquvWzEJaWiUhhTeEh
XDtxz9K7AymnFOMusjEDwIHsnmzFo/jI8lBOUh8+ay6vDtZe+iqrSjkPyTdp0Kzq
vzp0rkVtIlrPYhzY7lNp8emfaf4+7wTWRdhVXUmxrQ9xo/klHwNgcGv6EfBXp1Bc
NhR+60r5G3YkUONwXXgXpu9DRpJB67UXRK7pHAqAl4n5BM1bS08=
=7Q88
-----END PGP SIGNATURE-----
Reply to: