Update Jellyfin to v10.8.10 (#752)

Co-authored-by: nmfretz <nmfretz@gmail.com>
1 year ago · 5e326ed76d
2 changed files with 3 additions and 3 deletions
--- a/jellyfin/docker-compose.yml
+++ b/jellyfin/docker-compose.yml
@ -8,7 +8,7 @@ services:
      PROXY_AUTH_ADD: "false"

  server:
-    image: linuxserver/jellyfin:10.8.9@sha256:af281e1b23198076a2ce848d710e8c7ee6f96134d18c61e9c23128e3419d9e86
+    image: linuxserver/jellyfin:10.8.10@sha256:6d425c0a3bcc8a4e13e994ffd728c866c261548ff30c2b22dd095ef57a2bfbbf
    restart: on-failure
    hostname: "${DEVICE_HOSTNAME}"
    environment:
--- a/jellyfin/umbrel-app.yml
+++ b/jellyfin/umbrel-app.yml
@ -2,7 +2,7 @@ manifestVersion: 1
 id: jellyfin
 category: media
 name: Jellyfin
-version: "10.8.9"
+version: "10.8.10"
 tagline: The Free Software Media System
 description: >-
  Jellyfin is the volunteer-built media solution that puts you in control of your media. Stream to any device from your own server, with no strings attached. Your media, your server, your way.
@ -32,7 +32,7 @@ path: ""
 defaultUsername: ""
 defaultPassword: ""
 releaseNotes: >-
-  Updates Jellyfin from version 10.8.4 to 10.8.9. This update includes a series of stable hotfix releases that improve the overall performance, stability, and functionality of Jellyfin.
+  ⚠️ CRITICAL SECURITY ADVISORY: There's a significant security issue in previous versions, where two vulnerabilities can be paired to allow any Jellyfin user, even those without admin rights, to remotely control the system. One of these issues has been around since the 10.8.0 release, while the other has been present in all versions of Jellyfin up to now. It's essential for all Jellyfin administrators to update to this version, especially if they have untrusted users or if their Jellyfin is accessible on the Internet.
  

  Full changelogs for Jellyfin releases can be found here: https://github.com/jellyfin/jellyfin/releases