Package: mumble Version: 1.2.19-3 Severity: important Tags: security fixed-upstream fixed-in-experimental
It is currently possible to cause mumble-server to freeze and/or crash by sending specifically it crafted commands, leading to a denial of service. The server usually automatically recovers, however it has been reported that in some instances it can take up to an hour after the attack has ended. The attack can be done remotely and does not need special permissions. All versions of mumble 1.2.x and 1.3.0 snapshots prior to 2018-08-31 are affected.
signature.asc
Description: OpenPGP digital signature
