89
New Jellyfin Server/Web release: 10.10.7 (forum.jellyfin.org)
submitted 2 months ago by otter@lemmy.ca to c/selfhosted@lemmy.world
74 comments fedilink hide all child comments

cross-posted from: https://aussie.zone/post/19146681

Jellyfin Server 10.10.7

Important Notes

Configurations behind a reverse proxy that did not explicitly configure trusted proxies will not work after this release. This was never a supported configuration, so please ensure you correct your configuration before upgrading. See the updated docs here for more information.

Security

  • Fix validation of API parameters to FFmpeg [GHSA-2c3c-r7gp-q32m], by @Shadowghost
  • Fix trusting forward headers if none are configured [GHSA-qcmf-gmhm-rfv9], by @JPVenson

Note: GHSAs will be published seven (7) days after this release.

General Changes

  • Fix regression where "Search for missing metadata" not handling cast having multiple roles [PR #13720], by @Lampan-git
  • Clone fallback audio tags instead of use ATL.Track.set [PR #13694], by @gnattu
  • Backport 10.11 API enum changes [PR #13835], by @nielsvanvelzen
  • Support more rating formats [PR #13639], by @IDisposable
  • Fix stackoverflow in MediaSourceCount [PR #12907], by @JPVenson
  • Upgrade LrcParser to 2025.228.1 [PR #13659], by @congerh
  • Include Role and SortOrder in MergePeople to fix "Search for missing metadata" [PR #13618], by @Lampan-git
  • Delete children from cache on parent delete [PR #13601], by @Bond-009
  • Fix overwrite of PremierDate with a year-only value [PR #13598], by @IDisposable
  • Wait for ffmpeg to exit on Windows before we try deleting the concat file [PR #13593], by @Bond-009
  • Fix 4K filtering when grouping movies into collections [PR #13594], by @theguymadmax
  • Remove empty ParentIndexNumber workaround [PR #13611], by @Shadowghost
  • Update dependency z440.atl.core to 6.20.0 [PR #13845], by @Shadowghost

Jellyfin Web 10.10.7

General Changes

  • Fix parsing minor version of Tizen [PR #6661], by @dmitrylyzo
  • Fix re-focusing on pause button when displaying OSD [PR #6510], by @dmitrylyzo
  • Fix skip button not displaying correctly with OSD [PR #6583], by @rlauuzo
  • Fix catalog plugin page not setting page title [PR #6570], by @nielsvanvelzen
top 50 comments
sorted by: hot top controversial new old
[-] renegadespork@lemmy.jelliefrontier.net 16 points 2 months ago

Configurations behind a reverse proxy that did not explicitly configure trusted proxies will not work after this release. This was never a supported configuration, so please ensure you correct your configuration before upgrading. See the updated docs here for more information.

Well I’m glad I read that before upgrading!

[-] sugar_in_your_tea@sh.itjust.works 8 points 2 months ago

It's odd to throw that into a patch release. I guess we'll find out if I did it correctly.

[-] jonne@infosec.pub 4 points 2 months ago

I mean, it's patching a security issue caused by trusting headers it shouldn't, so I don't think they should wait for a big number release.

[-] sugar_in_your_tea@sh.itjust.works 7 points 2 months ago

Why wait? Just release it as a big number release. The version number doesn't define the size or cadence of a release, it just says whether there's a breaking change.

[-] mac@lemm.ee 3 points 2 months ago* (last edited 2 months ago)

At least in my org we use semantic versioning ( Major.Minor.patch) where patch must either be a new feature, a fix, or something that is backwards compatible

Minor can be breaking

Major is basically something you're proud of lol

[-] Rogue@feddit.uk 1 points 2 months ago

That's not semantic versioning...

[-] mac@lemm.ee 1 points 2 months ago

Guess my org fucked it up ¯\(ツ)

[-] Supernova1051@sh.itjust.works 1 points 2 months ago* (last edited 2 months ago)

everyone does their own thing, but semantic versioning is specifically:

  • Major: Incompatible changes (breaks existing code).
  • Minor: New, compatible features.
  • Patch: Bug fixes, small improvements.
load more comments (5 replies)
[-] 486@lemmy.world 5 points 2 months ago* (last edited 2 months ago)

Thanks for pointing this out! I probably would have missed this, since I didn't expect such a change for a patch release.

Their documentation mentions:

For jellyfin to know which reverse proxy is trusted, the IP, Hostname or Subnet has to be set in the Known Proxies (under Admin Dashboard -> Networking) setting.

Does this really mean, that the only way to configure this is through the web UI? This is kind of a problem when deploying it, since without the reverse proxy I can't reach the Jellyfin server. Is there no way of doing this outside the web UI, via a config file or something?

Edit: Apparently the configuration for the proxies is stored in Jellyfin's network.xml config file. So it should be possible to do this without manually configuring it via the web UI.

Another edit: It works. Adding <KnownProxies>[proxy ip or hostname]</KnownProxies> in place of the empty <KnownProxies/> key to that config file does the trick.

load more comments (4 replies)
load more comments (30 replies)
[-] melfie@lemmings.world 9 points 2 months ago

Really looking forward to 10.11 when the EFCore functionality is in place so I can run it with PostgreSQL and actually backup the DB properly and also have proper replication for a hot standby.

[-] retmas@lemm.ee 4 points 2 months ago

As far as I can understand, even with EFCore in 10.11, there still will only sqlite be available as a database backend. There are plans for postgresql and other types but it's a much more distant prospect. Reference

[-] melfie@lemmings.world 2 points 2 months ago

Ah, seems I had a misunderstanding and appreciate the info!

[-] wabasso@lemmy.ca 3 points 2 months ago

If you have the time, I’d love to learn how to set up a hot standby, not just for jellyfin but in general.

[-] melfie@lemmings.world 1 points 2 months ago

I was imagining setting up an old laptop as a backup to my main server with PostgreSQL replication for the Jellyfin DB and some sort of file synchronization for media and metadata. I have yet to manually setup PostgreSQL replication outside of a cloud provider where the process is automated, so I was planning it as an interesting learning experience. However, from the post above, it seems I was misinformed about the timeframe of PostgreSQL support in Jellyfin.

[-] wabasso@lemmy.ca 1 points 2 months ago

Thanks! I’m running jellyfin inside of docker, so perhaps there’s a way to keep the images synchronized. Media sync would happen separate, as you suggest.

[-] chaospatterns@lemmy.world 2 points 2 months ago

Oh that would be nice. I would use that to just go into the database and fix all my broken music metadata which I can't see to fix any other way.

[-] melfie@lemmings.world 1 points 2 months ago

I stand corrected about PostgreSQL support dropping in 10.11. Seems we may still have quite a wait ahead of us.

[-] hperrin@lemmy.ca 7 points 2 months ago

My friend who’s been praising Plex for years and making fun of me for using Jellyfin instead just told me the other day he’s thinking about switching. It’s their new subscription fee that finally did it. xD

[-] kcweller@feddit.nl 6 points 2 months ago

It's what made me switch this weekend. I didn't know I missed the "Episode ends on (time)" functionality until I got it with Jellyfin, Holy shit that's so nice ❤️

[-] raptore39@lemm.ee 1 points 2 months ago

I wish everything had that

load more comments (1 replies)
[-] node815@lemmy.world 6 points 2 months ago

Not related to the server, but I was very happily surprised with the latest Roku Jellyfin channel. A complete refresh of everything and it's great to see it.

[-] gazby@lemmy.dbzer0.com 4 points 2 months ago

You'll want to get off Roku soon, they're already testing preroll ads for the home screen.

[-] node815@lemmy.world 2 points 2 months ago

I can see them doing that, I use a DNS ad-block (Adguardhome) with plenty of filters and last night, I spotted that they were able to inject two ads (standard one to the right of the channels and one at the bottom below the menu for the new Minecraft movie when they changed my background. So, they are finding ways around this stuff. I simply disabled the Sponsored themes. We are on the fence about replacing the TV later this year but not 100% sure just yet. It's been quite buggy randomly rebooting when switching sources and other things.

load more comments (7 replies)
[-] 1hitsong@lemmy.ml 2 points 2 months ago

🤘 Enjoy

[-] timbuck2themoon@sh.itjust.works 1 points 2 months ago

For real. JF roku team is killing it. Latest release is so nice.

[-] 1hitsong@lemmy.ml 2 points 2 months ago

🤘 Thanks

[-] cupcakezealot@lemmy.blahaj.zone 2 points 2 months ago

updated on mint this weekend; admittedly it's not a big library (mostly just for me and my family) but it was pretty painless. i put in my trusted proxies ahead of time and backed up /etc/jellyfin and /var/lib/jellyfin ahead of time. no problems at all.

load more comments
view more: next ›
this post was submitted on 06 Apr 2025
89 points (98.9% liked)

Selfhosted

48068 readers
390 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz