Serviio

DLNA media server
https://www.serviio.org/forum/

Secunia PSI alert for v1.6

https://www.serviio.org/forum/viewtopic.php?f=5&t=21599

Page 1 of 1

Secunia PSI alert for v1.6

PostPosted: Wed Feb 24, 2016 4:52 pm
by Tim9898
I recently upgraded to Servio 1.6. Not having any problems, but my latest Secunia PSI scan reports a minor security issue with the file,
C:\Program Files\Serviio\console\node.dll

From Secunia about the issue: https://secunia.com/advisories/68950

From nodejs.org about the issue: https://nodejs.org/en/

Any suggestions how to deal with this?

Thank you

Re: Secunia PSI alert for v1.6

PostPosted: Wed Feb 24, 2016 5:44 pm
by zip
The wbe console uses a wrapper that makes the web page an executable. It's based on NodeJS AFAIK, but Serviio itself doesn''t use any nodeJS functionality. You can

- live with it
- install without the console and go to http://localhost:23423/console instead
- try to delete the dll file, but not sure if it'll still work

Re: Secunia PSI alert for v1.6

PostPosted: Thu Feb 25, 2016 5:32 pm
by Tim9898
Thank you,

I tried "- install without the console and go to http://localhost:23423/console instead"

That got rid of the Secunia warning.

Launching the console from the start menu still works.

(System is Win 10 x64)
All times are UTC
Page 1 of 1
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/