This release is primarily to get the updated jellyfin-web to correct the stored XSS vulnerability GHSA-89hp-h43h-r5pq. While JMP is not vulnerable to most XSS vulnerabilities due to being an isolated application, this one could affect it.
Changes:
- Update web client to 10.8.10 to patch stored XSS issue.
- Skip searching for SSL bundles on Linux. (#301)
- Disallow flac from video transcoding. (#423)
- Allow disabling dovi transcode rule.
- Fix missing port in translation. (#288)
- Censor token from new stored creds block.
If you have issues with media playback due to hardware decoding (green/purple or artifacts), you can disable it using these instructions.
About Windows Downloads:
- The desktop installer requires administrator rights.
- You can avoid warnings on files by unblocking the file in the properties dialog.
- You can manually build a release using these instructions.