{"affected":[{"ecosystem_specific":{"binaries":[{"minidlna":"1.3.0-lp152.4.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.2","name":"minidlna","purl":"pkg:rpm/opensuse/minidlna&distro=openSUSE%20Leap%2015.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.3.0-lp152.4.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for minidlna fixes the following issues:\n\nminidlna was updated to version 1.3.0 (boo#1179447)\n\n  - Fixed some build warnings when building with musl.\n  - Use $USER instead of $LOGNAME for the default friendly name.\n  - Fixed build with GCC 10\n  - Fixed some warnings from newer compilers\n  - Disallow negative HTTP chunk lengths. [CVE-2020-28926]\n  - Validate SUBSCRIBE callback URL. [CVE-2020-12695]\n  - Fixed spurious warnings with ogg coverart\n  - Fixed an issue with VLC where browse results would be truncated.\n  - Fixed bookmarks on Samsung Q series\n  - Added DSD file support.\n  - Fixed potential stack smash vulnerability in getsyshwaddr on macOS.\n  - Will now reload the log file on SIGHUP.\n  - Worked around bad SearchCriteria from the Control4 Android app.\n  - Increased max supported network addresses to 8.\n  - Added forced alphasort capability.\n  - Added episode season and number metadata support.\n  - Enabled subtitles by default for unknown DLNA clients, and add enable_subtitles config option.\n  - Fixed discovery when connected to certain WiFi routers.\n  - Added FreeBSD kqueue support.\n  - Added the ability to set the group to run as.\n","id":"openSUSE-SU-2020:2160-1","modified":"2020-12-04T15:24:02Z","published":"2020-12-04T15:24:02Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/A2GHF3UJM6D2JSKELXMJY57IRWK3PJM3/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1179447"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-12695"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-28926"}],"related":["CVE-2020-12695","CVE-2020-28926"],"summary":"Security update for minidlna","upstream":["CVE-2020-12695","CVE-2020-28926"]}