openSUSE: 2020:1439-1 Moderate: Mumble Security Advisory
opensuse
September 16, 2020
An update that contains security fixes can now be installed.
Description
This update for mumble fixes the following issues:
mumble was updated 1.3.2:
* client: Fixed overlay not starting
Update to upstream version 1.3.1
- Security
* Fixed: Potential exploit in the OCB2 encryption (#4227) boo#1174041
- ICE
* Fixed: Added missing UserKDFIterations field to UserInfo => Prevents
getRegistration() from failing with enumerator
out of range error (#3835)
- GRPC
* Fixed: Segmentation fault during murmur shutdown (#3938)
- Client
* Fixed: Crash when using multiple monitors (#3756)
* Fixed: Don't send empty message from clipboard via shortcut, if
clipboard is empty (#3864)
* Fixed: Talking indicator being able to freeze to indicate talking when
self-muted (#4006)
* Fixed: High CPU usage for update-check if update server not available
(#4019)
* Fixed: DBus getCurrentUrl returning empty string when not in
root-channel (#4029)
* Fixed: Small parts...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP1:
zypper in -t patch openSUSE-2020-1439=1
Package List
- openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):
mumble-1.3.2-bp151.6.12.2
mumble-server-1.3.2-bp151.6.12.2
- openSUSE Backports SLE-15-SP1 (aarch64_ilp32):
mumble-64bit-1.3.2-bp151.6.12.2
References
https://bugzilla.suse.com/1174041
--
PREVIOUS 
NEXT Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!