Skip to content

chore(deps): update ghcr.io/tautulli/tautulli docker tag to v2.17.1#508

Merged
Nirajn2311 merged 1 commit into
mainfrom
renovate/ghcr.io-tautulli-tautulli-2.x
May 30, 2026
Merged

chore(deps): update ghcr.io/tautulli/tautulli docker tag to v2.17.1#508
Nirajn2311 merged 1 commit into
mainfrom
renovate/ghcr.io-tautulli-tautulli-2.x

Conversation

@renovate

@renovate renovate Bot commented May 5, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Update Change
ghcr.io/tautulli/tautulli patch v2.17.0v2.17.1

Release Notes

Tautulli/Tautulli (ghcr.io/tautulli/tautulli)

v2.17.1

Compare Source

  • Notifications:
    • Fix: Tautulli Remote App notifications failing to send. (#​2669)
    • New: Added extra type and preroll to notification parameters.
    • New: Added Simkl URL to notification parameters.
  • Newsletters:
    • Fix: Remote code execution via newsletter custom template directory. (CVE-2026-41065) (Thanks @​remindsec)
  • Exporter:
    • Fix: Export failed when logo / square art keys were included. (#​2685)
  • UI:
    • Fix: Error when browsing for folder paths. (#​2673)
    • New: Added AV1 media flag image. (#​2676) (Thanks @​little0831)
    • New: Added opus media flag image.
  • Other:
    • Fix: Clean empty directories after updating using git. (#​2667)
    • Fix: Tautulli failing to reconnect to Plex Media Server until restarted after a connection loss at startup. (#​2640)
    • Fix: Path treversal in cache deletion API. (CVE-2026-40605) (Thanks @​JakePeralta7)
    • Fix: Websocket not exiting and reconnecting cleanly after changing Plex servers.
    • Fix: Sanitize JS log errors to prevent XSS. (CVE-2026-43984) (Thanks @​larlarua)
    • Fix: Do not store image hash for external images. (CVE-2026-43986) (Thanks @​larlarua)
    • New: Update Windows and MacOS packages to Python 3.13.
    • New: Update Snap package to core24.
    • New: Using mounted folders for custom newsletter templates and scripts requires manually enabling allow_mounted_folders = 1 in the config file.
    • New: Added anti-CSRF tokens and enforce POST methods to state change endpoints. (CVE-2026-43985) (Thanks @​larlarua)
    • New: Hash Tautulli cookie name. All existing login sessions will be invalidated after the update.
    • New: Require X-Api-Key header for login through the /auth/signin endpoint.

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@Nirajn2311
Nirajn2311 merged commit 28ffb7b into main May 30, 2026
1 check passed
@Nirajn2311
Nirajn2311 deleted the renovate/ghcr.io-tautulli-tautulli-2.x branch May 30, 2026 11:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant