5d ago

Plex server patching required

www.bleepingcomputer.com

Just a moment...

Plex has notified some of its users on Thursday to urgently update their media servers due to a recently patched security vulnerability.
The company has yet to assign a CVE-ID to track the flaw and didn't provide additional details regarding the patch, only saying that it impacts Plex Media Server versions 1.41.7.x to 1.42.0.x.

Plex @lemmy.ca

veee @lemmy.ca

5d ago

Plex server patching required

www.bleepingcomputer.com /news/security/plex-warns-users-to-patch-security-vulnerability-immediately/

45 comments

Patch it to Jellyfin 10.10.7.
- I did this a few months back.
  Some things aren't as great, but you get full control and your server idles way better on JellyFin.
  
  Yeah, as long as you have a decently supported client the entire platform is very serviceable. I do wish they would get rid of the unprotected endpoints and officially support 2FA on the server and clients.
  For all their anti-consumer practices Plex does at least take their security very seriously.
Who the fuck still uses plex?
- I'm still using Plex because Jellyfin refuses to play surround sound on my Nvidia Shield. I do have a Jellyfin server running alongside Plex, with synchronized progress, for the inevitable point where I will have to jump ship.
- How is this a useful comment?
- I still use Plex because I have a lifetime pass from many years ago and Jellyfin isn't yet as feature-rich and accessible on all of my family's devices.
  I expect to someday migrate fully to Jellyfin once Plex is enshittified to the point is being a worse experience, but that hasn't happened yet (with the Plex pass anyway)
  
  I've never used Plex. What are some of the features that you're missing in Jellyfin? Genuinely curious.
- People who bought the lifetime Plex pass, and have a huge group of friends and family already connected to their servers.
- if it's just family and friends you care about, it was pretty easy for me to set up a jellyfin server at home and point a really small virtualhost on a server mapped to a domain name with a reverse proxy to my home ip and then just opening up the jellyfin port on my router. this was literally just for my mum and dad and brother so ymmv.
  
  Use wireguard or Tailscale.
- What's the app/smart device adoption like for jellyfin these days? Plex usage for clients is really smooth. Plex comes preloaded on so many smart devices and the app ecosystem is dead simple. I can't imagine having to walk my family and friends through setting up jellyfin.
- From what I've gathered in other posts regarding Plex and jellyfin, the ones that never learned how to port forward or any other alternative solution for getting external traffic to their internal server. All the complaints I've read here regarding jellyfin boiled down to them relying on the Plex relay to handle the traffic for them.
  
  Anecdote but ive been hosting Plex for family members for 10+ years. I tried the Jellyfin switch. Compared to Plex the Jellyfin apps are pretty bad, and I had a ton of performance problems with the remote streaming as well. Its just not ready for that use case. Family members begged me to go back to Plex.
  My family at home and myself, we are using Jellyfin currently. It works OK for home use but there are days I want to go back to Plex. Its just a more polished experience.
I'm on Jellyfin as they banned Hetzner.
- Should clarify Plex banned using Hetzner :)
  
  i'm ootl; how was plex able to ban them? isn't hetzner just a vps provider? (not questioning you; just curious)
  
  https://torrentfreak.com/plex-will-block-media-servers-at-prevalent-hosting-company-230915/
  There's the story but there's not much tea.
  I'm guessing there were just enough complaints and Hetzner refused to take anything down.
  Really bizarre to license people self-hosting software and then refuse them from hosting it in certain places over what content they choose to put up.
  I wonder if they'll just roll through all the VPS now.

45 comments