On Wednesday, February 05, 2014 16:10:36 Salvatore Bonaccorso wrote: > Source: mumble > Version: 1.2.3-349-g315b5f5-2.2 > Severity: grave > Tags: security upstream fixed-upstream > > Hi > > Mumble has released a new upstream version fixing CVE-2014-0044 and > CVE-2014-0045. See upstream commits at: > > https://github.com/mumble-voip/mumble/commit/850649234d11685145193a59d72d984 > 29e4f9ba7 > https://github.com/mumble-voip/mumble/commit/d3be3d7b96a5130e4b20f23e327b04 > 0ea4d0b079 > > Upstream announces at > > http://mumble.info/security/Mumble-SA-2014-001.txt > http://mumble.info/security/Mumble-SA-2014-002.txt > > Regards, > Salvatore
Thanks for fixing this. As these commits were authored only 5 days ago I'd think the current 1.2.4-0.1 package in Sid and Jessie have this issue too, unless there's some other mitigating factor with the stable 1.2.4 version. -- Chris -- Chris Knadle chris.kna...@coredump.us -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
