Package: mumble-server Version: 1.2.2-2 Severity: grave Tags: security Hi,
The following vulnerability has been reported in mumble-server. From [1]: > Through a malformed type of data is possible to force the termination > of the server due to an error in the SQL query (SQLite library). > The attacker needs to join the server to exploit it. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry, if one is assigned by then. There's no known patch at the moment and an exploit is linked by the advisory. [1]http://aluigi.altervista.org/adv/mumbleed-adv.txt Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
