Fedora has issued an advisory on February 26:
The issue is fixed upstream in 0.40.1.
Fixed upstream in 0.40.1
Hi, thanks for reporting this.
As there is no maintainer for this package I added the committers in CC.
(Please set the status to 'assigned' if you are working on it)
Done for mga8!
Fixed upstream in 0.40.1 =>
Not normally a Gnome user, nor do I stream media, but I'll give this a stab, anyway.
Upgraded a M7 Gnome vbox guest to M8. Saw that rygel was already installed, so used qarepo to get updates. No installation issues.
The user is supposed to create a rygel.conf file, but if that isn't done /etc/rygel.conf is used. So I ran "rygel" in a terminal. It couldn't find the file, but started checking for plugins and cataloging media folders. I closed the terminal and brought up another, running "rygel -h" for a bit of help. Then I ran "rygel --shutdown" which said the remote service had been shut down.
So I flirted a bit with the edges, enough to see it not crash. Calling that good enough. If it needs more, someone else will have to try it.
Updated rygel packages fix security vulnerability:
The rygel packages has been updated to version 0.40.1, fixing security
issue and other bugs.
Updated packages in 7/core/updates_testing:
oups, please read 8/core/updates_testing above Comment 5.
An update for this issue has been pushed to the Mageia Updates repository.