[USN-4177-1] Rygel vulnerability

Marc Deslauriers marc.deslauriers at canonical.com
Wed Nov 6 19:50:57 UTC 2019

Ubuntu Security Notice USN-4177-1
November 06, 2019

rygel vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.10


The system could be made to expose sensitive information.

Software Description:
- rygel: GNOME UPnP/DLNA services


It was discovered that the Rygel package automatically started the daemon
by default in user sessions. In certain environments, this resulted in
media being shared contrary to expectations.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.10:
  rygel                           0.38.1-2ubuntu3.3

After a standard system update you need to restart your session to make
all the necessary changes.


Package Information:

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20191106/a21e11a2/attachment.sig>

More information about the ubuntu-security-announce mailing list