this post was submitted on 25 Mar 2026
29 points (100.0% liked)

Jellyfin: The Free Software Media System

8836 readers
57 users here now

Current stable release: 10.11.8

Community Standards

Website

Forum

GitHub

Documentation

Feature Requests

Matrix (General Information & Help)

Matrix (Announcements)

Matrix (General Development)

Matrix (Off-Topic) - Come get to know the team and blow off steam!

Matrix Space - List of all the available rooms on Matrix.

Discord - Bridged to our Matrix rooms

founded 5 years ago
MODERATORS
sparky8251@lemmy.ml
1hitsong@lemmy.ml
anthonylavado@lemmy.ca
29
CVE: Possible Organization/Secret Compromise from dangerous CI implementation (www.cvedetails.com)
submitted 2 weeks ago* (last edited 2 weeks ago) by le_throosh@lemmy.dbzer0.com to c/jellyfin@lemmy.ml
6 comments fedilink hide all child comments
 

Strange that there was no comms whatsover from the team about this

you are viewing a single comment's thread
view the rest of the comments
[–] Link@rentadrunk.org 8 points 2 weeks ago* (last edited 2 weeks ago)

Hasn’t it already been patched? https://github.com/jellyfin/jellyfin-ios/security/advisories/GHSA-7qhm-2m45-7fmh

Patches

CI workflows have been modified in all affected repositories, and secrets have been rotated.

Furthermore, OPs post seems to link to the patch: https://github.com/jellyfin/jellyfin-ios/commit/109217e75f38394b2f6e46e25dfe5a721203d3c8