sabreW4K3@lazysoci.alM to

Navidrome Music Server (Unofficial)@discuss.tchncs.de · 3 days ago

Release v0.54.5 · navidrome/navidrome · GitHub

2

21

Release v0.54.5 · navidrome/navidrome · GitHub

sabreW4K3@lazysoci.alM to

Navidrome Music Server (Unofficial)@discuss.tchncs.de · 3 days ago

2

Release v0.54.5 · navidrome/navidrome

This is an important security fix. Please update ASAP. Security Advisory: GHSA-c3p4-vm8f-386p Changelog Security updates 287079a: sec(subsonic): authentication bypass in Subsonic API with non-exis...

This is an important security fix. Please update ASAP. A proper CVE advisory will be published soon and will be linked here.

Chat

Deebster
link
fedilink
English
arrow-up
2·
3 days ago
This seems quite serious, I’ll definitely be reading the CVE once it’s published. Luckily, I noticed the github notification of the release after only a couple of hours.

Navidrome Music Server (Unofficial)@discuss.tchncs.de

navidrome@discuss.tchncs.de

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

Navidrome is a free, open source web-based music collection server and streamer. It gives you freedom to listen to your music collection from any browser or mobile device. https://www.navidrome.org

This is an unofficial community. However, we adhear to the official Code Of Conduct set by the Navidrome project.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

2 users / day
22 users / week
31 users / month
95 users / 6 months
6 local subscribers
316 subscribers
46 Posts
131 Comments
Modlog