jellyfin: fix permissions on state directory

Previously, all configuration and state data was accessible to all
users on the system running jellyfin. This included user passwords in
the Jellyfin database, as well as credentials for LDAP if configured.
The exact set of accessible data depends on system configuration.

Thanks to Sofie Finnes Øvrelid for reporting this issue.

Fixes: CVE-2022-32198

Co-Authored-By: Martin Weinelt <hexa@darmstadt.ccc.de>

0 files changed, 0 insertions, 0 deletions