Debian Security Advisory
DSA-4806-1 minidlna -- security update
- Date Reported:
- 07 Dec 2020
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 976594, Bug 976595.
In Mitre's CVE dictionary: CVE-2020-12695, CVE-2020-28926.
- More information:
It was discovered that missing input validation in minidlna, a lightweight DLNA/UPnP-AV server could result in the execution of arbitrary code. In addition minidlna was susceptible to the
For the stable distribution (buster), these problems have been fixed in version 1.2.1+dfsg-2+deb10u1.
We recommend that you upgrade your minidlna packages.
For the detailed security status of minidlna please refer to its security tracker page at: https://security-tracker.debian.org/tracker/minidlna