Hi Chris, On Wed, Feb 05, 2014 at 11:09:00AM -0500, Chris Knadle wrote: > On Wednesday, February 05, 2014 16:10:36 Salvatore Bonaccorso wrote: > > Source: mumble > > Version: 1.2.3-349-g315b5f5-2.2 > > Severity: grave > > Tags: security upstream fixed-upstream > > > > Hi > > > > Mumble has released a new upstream version fixing CVE-2014-0044 and > > CVE-2014-0045. See upstream commits at: > > > > https://github.com/mumble-voip/mumble/commit/850649234d11685145193a59d72d984 > > 29e4f9ba7 > > https://github.com/mumble-voip/mumble/commit/d3be3d7b96a5130e4b20f23e327b04 > > 0ea4d0b079 > > > > Upstream announces at > > > > http://mumble.info/security/Mumble-SA-2014-001.txt > > http://mumble.info/security/Mumble-SA-2014-002.txt > > > > Regards, > > Salvatore > > Thanks for fixing this. > > As these commits were authored only 5 days ago I'd think the current > 1.2.4-0.1 > package in Sid and Jessie have this issue too, unless there's some other > mitigating factor with the stable 1.2.4 version.
Yes it is also as it's supporting Opus; reason is that I concentrated first on the wheezy-security upload. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
