It was discovered that missing input validation in minidlna, a
lightweight DLNA/UPnP-AV server could result in the execution of
arbitrary code. In addition minidlna was susceptible to the
"CallStranger" UPnP vulnerability.
For the stable distribution (buster), these problems have been fixed in
We recommend that you upgrade your minidlna packages.