| Release | Version |
|---|---|
| jessie | 1.1.2+dfsg-1.1+deb8u1 |
| stretch | 1.1.6+dfsg-1+deb9u2 |
| buster | 1.2.1+dfsg-2+deb10u4 |
| bullseye | 1.3.0+dfsg-2+deb11u2 |
| bookworm | 1.3.0+dfsg-2.2+deb12u1 |
| trixie | 1.3.3+dfsg-1.1 |
| sid | 1.3.3+dfsg-1.1 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-47430 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Stack-buffer-overflow vulnerability in ReadyMedia (MiniDLNA) v1.3.3 al ... |
| CVE-2023-33476 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 is vulnerable t ... |
| CVE-2022-26505 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 a ... |
| CVE-2020-28926 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code exe ... |
| CVE-2020-12695 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | The Open Connectivity Foundation UPnP specification before 2020-04-17 ... |
| Bug | Description |
|---|---|
| CVE-2013-2745 | An SQL Injection vulnerability exists in MiniDLNA prior to 1.1.0 |
| CVE-2013-2739 | MiniDLNA has heap-based buffer overflow |
| CVE-2013-2738 | minidlna has SQL Injection that may allow retrieval of arbitrary files |
| DSA / DLA | Description |
|---|---|
| DSA-5434-1 | minidlna - security update |
| DLA-3465-1 | minidlna - security update |
| DLA-2973-1 | minidlna - security update |
| ELA-591-1 | minidlna - security update |
| DSA-4806-2 | minidlna - regression update |
| DLA-2489-1 | minidlna - security update |
| DSA-4806-1 | minidlna - security update |