Posts: 0 | Comments: 671 | Joined: 2 yr. ago
  • And which ones of those are actually vulnerabilities that are exploitable? First, yes ofc unauthenticated endpoints should be fixed, but with those there is no real damage to be done.

    If you know the media path then you can request a playback, and if you get the user ids then you can get all users. That's more or less it.

    Good? No. But far from making it a poor choice exposing it.

  • Performance is not the goal, but cleaner code and more manageable code. But both will ultimately lead to better performance. As of now it was basically impossible to change something in the database structure since it was hard to estimate the impact of it.

  • ... and may also break compatibility with previous 10.Y releases if required for later cleanup work.

    If you read through the whole paragraph, it is clear that they mean the compatibility of previous Jellyfin versions.

    Also, again:

    Note however that the 10.Y.Z release chain represents the "cleanup" of the codebase, so it should be accepted that 10.Y.Z breaks all compatibility,

    That means that the code is not cleaned up with that release.

    If you would release 11 before the code is considered cleaned up, you would basically break your own defined versioning convention. That is best decided by the active maintainers.

  • Consider the 10.y.z simply to be 0.y.z and everything works out.

    Jellyfin inherited a lot of shitty code and architecture from Emby. They simply cannot guarantee anything across patches until it is sorted out.

    imho much better than releasing major version after major version because they break stuff regularly.

  • Also for internal use. The original Emby source did not use database access that was standardized within the code base.

    Basically, changes to the database were not possible, since finding references across the code base to see which part uses which values was impossible.

  • Note however that the 10.Y.Z release chain represents the "cleanup" of the codebase, so it should be accepted that 10.Y.Z breaks all compatibility,

    It's right there at the link you posted.

  • That is actually somewhat usual, isn't it? Just compare the previous gen's high end with entry to mid on Nvidia, like 1080 vs 3060 and 2080 vs 4060. They paint the same picture.

    We are far away from the times where every single generation marks a significant performance increase. For CPU or GPU performance.

  • With aliases in the bashrc you can hijack any command and execute arbitrary commands instead of the command. So the command can be extracted; as already stated above, this is not a weakness of sudo but a general one.