<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-openembedded.git/meta-multimedia/recipes-multimedia/minidlna, branch master</title>
<subtitle>Mirror of git.openembedded.org/meta-openembedded</subtitle>
<id>https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=master</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=master'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/'/>
<updated>2026-02-25T06:30:28+00:00</updated>
<entry>
<title>minidlna: ignore CVE-2024-51442</title>
<updated>2026-02-25T06:30:28+00:00</updated>
<author>
<name>Gyorgy Sarvari</name>
<email>skandigraun@gmail.com</email>
</author>
<published>2026-02-23T19:18:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=1f70d339eb3d3f4897f3eef91ae86fd915cbfa8c'/>
<id>urn:sha1:1f70d339eb3d3f4897f3eef91ae86fd915cbfa8c</id>
<content type='text'>
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-51442

The description of the vulnerability says "attacker [...] execute arbitrary
OS commands via a specially crafted minidlna.conf configuration file".

There is no official fix for this CVE, and upstream seems to be inactive
for the past 3 years.

The reason for ignoring this CVE is that the referenced minidlna.conf
file is in the /etc folder, and the file is not world-writable. Which
means that this vulnerability can be exploited only when someone is
root - but if the attacker is already root, they don't need to resort
to minidlna config-file modifications to execute any command they want.

Signed-off-by: Gyorgy Sarvari &lt;skandigraun@gmail.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>meta-openembedded/all: adapt to UNPACKDIR changes</title>
<updated>2025-06-25T13:44:52+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex@linutronix.de</email>
</author>
<published>2025-06-20T14:06:53+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=fc78d37ff0ce9e0d60455465851dbe4e86d7a8b3'/>
<id>urn:sha1:fc78d37ff0ce9e0d60455465851dbe4e86d7a8b3</id>
<content type='text'>
Please see
https://git.yoctoproject.org/poky/commit/?id=4dd321f8b83afecd962393101b2a6861275b5265
for what changes are needed, and sed commands that can be used to make them en masse.

I've verified that bitbake -c patch world works with these, but did not run a world
build; the majority of recipes shouldn't need further fixups, but if there are
some that still fall out, they can be fixed in followups.

Signed-off-by: Alexander Kanavin &lt;alex@linutronix.de&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>minidlna: fix reproducibility</title>
<updated>2024-10-03T02:49:52+00:00</updated>
<author>
<name>Yoann Congal</name>
<email>yoann.congal@smile.fr</email>
</author>
<published>2024-10-02T19:57:18+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=51a400b736db3ab075b72f5115f790bb192197bb'/>
<id>urn:sha1:51a400b736db3ab075b72f5115f790bb192197bb</id>
<content type='text'>
Minidlna configuration puts os name &amp; version in the binary which lead
to non-reproducibility. Fix this by forcing those variables to constant
values.

Signed-off-by: Yoann Congal &lt;yoann.congal@smile.fr&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>minidlna: Upgrade to 1.3.3 release</title>
<updated>2024-08-30T03:59:15+00:00</updated>
<author>
<name>Khem Raj</name>
<email>raj.khem@gmail.com</email>
</author>
<published>2024-08-29T20:37:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=fbf0d3175e56846266c09a8848a6a9cec58573e9'/>
<id>urn:sha1:fbf0d3175e56846266c09a8848a6a9cec58573e9</id>
<content type='text'>
Drop unneeded patches
Add a patch to fix build with ffmpeg7

Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>recipes: Start WORKDIR -&gt; UNPACKDIR transition</title>
<updated>2024-05-23T15:44:44+00:00</updated>
<author>
<name>Khem Raj</name>
<email>raj.khem@gmail.com</email>
</author>
<published>2024-05-13T21:16:55+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=ffc64e9c6fee0af7eea3466135416d011172a5e6'/>
<id>urn:sha1:ffc64e9c6fee0af7eea3466135416d011172a5e6</id>
<content type='text'>
Replace references of WORKDIR with UNPACKDIR where it makes sense to do
so in preparation for changing the default value of UNPACKDIR.

Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>minidlna: fix obsolete license warning</title>
<updated>2022-05-08T01:47:16+00:00</updated>
<author>
<name>Markus Volk</name>
<email>f_l_k@t-online.de</email>
</author>
<published>2022-05-06T17:23:27+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=f26d0085d7bbbffd5fcfe6a1bb67cc338ebd1cbb'/>
<id>urn:sha1:f26d0085d7bbbffd5fcfe6a1bb67cc338ebd1cbb</id>
<content type='text'>
Signed-off-by: Markus Volk &lt;f_l_k@t-online.de&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>minidlna: use precise BSD license</title>
<updated>2022-02-03T16:44:32+00:00</updated>
<author>
<name>Ross Burton</name>
<email>ross.burton@arm.com</email>
</author>
<published>2022-02-01T16:35:02+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=f8166c50fd06a894e96797903ba925d6a7525215'/>
<id>urn:sha1:f8166c50fd06a894e96797903ba925d6a7525215</id>
<content type='text'>
This package is BSD-3-Clause.

Signed-off-by: Ross Burton &lt;ross.burton@arm.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>minidlna: update 1.2.1 -&gt; 1.3.0</title>
<updated>2022-01-25T17:13:09+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2022-01-22T21:46:49+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=605ffa23020ec495b68f17df5a6b21b58ef881c1'/>
<id>urn:sha1:605ffa23020ec495b68f17df5a6b21b58ef881c1</id>
<content type='text'>
Drop unneeded patch.

This addresses build failures with ffmpeg 5.0

Signed-off-by: Alexander Kanavin &lt;alex@linutronix.de&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>Convert to new override syntax</title>
<updated>2021-08-03T17:21:25+00:00</updated>
<author>
<name>Martin Jansa</name>
<email>Martin.Jansa@gmail.com</email>
</author>
<published>2021-07-29T15:04:53+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=c61dc077bbd81260e4f167fa2251643ba0ba6974'/>
<id>urn:sha1:c61dc077bbd81260e4f167fa2251643ba0ba6974</id>
<content type='text'>
This is the result of automated script (0.9.1) conversion:

oe-core/scripts/contrib/convert-overrides.py .

converting the metadata to use ":" as the override character instead of "_".

Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
</content>
</entry>
<entry>
<title>minidlna: Fix build with -fno-common</title>
<updated>2020-08-14T05:32:07+00:00</updated>
<author>
<name>Khem Raj</name>
<email>raj.khem@gmail.com</email>
</author>
<published>2020-08-13T01:15:26+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=b2b28d0ebc47250750e6095be8c7b594ac6d4ee0'/>
<id>urn:sha1:b2b28d0ebc47250750e6095be8c7b594ac6d4ee0</id>
<content type='text'>
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
</feed>
