after almost 15yrs my plex server is no more. jellyfin behind nginx with authentik is running very nicely.
this post was submitted on 03 Jul 2025
786 points (96.3% liked)
Selfhosted
60074 readers
777 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam.
-
Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.
-
Don't duplicate the full text of your blog or git here. Just post the link for folks to click.
-
Submission headline should match the article title.
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I just validated that the latest version of the LDAP privilege escalation issue is not an issue anymore. The
curlscript is in the ticket.This was the one where a standard user could get plugin credentials, such as the LDAP bind user, and change the LDAP endpoint. I.E., bad.
I chose this one because after going through all of them, it was the only one that allowed access to something that wasn't just data in Jellyfin.
So for me, security is less of an issue knowing that, as only family use the service, and the remaining issues all require a logged in user (hit admin endpoint with user token).
Plus, I tried a few of those and they were also fixed, just not documented yet. I didn't add to those tickets because I was not as formal with my testing.
@EncryptKeeper@lemmy.world