Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

openSUSE: 2020:1439-1 Moderate: Mumble Security Advisory

opensuse
Calendar Grey September 16, 2020
Dist Opensuse Esm H88
openSUSE Security Update: Security update for mumble _______________________________________________
An update that contains security fixes can now be installed.

Description

This update for mumble fixes the following issues:

mumble was updated 1.3.2:

* client: Fixed overlay not starting

Update to upstream version 1.3.1

- Security

* Fixed: Potential exploit in the OCB2 encryption (#4227) boo#1174041

- ICE

* Fixed: Added missing UserKDFIterations field to UserInfo => Prevents

getRegistration() from failing with enumerator

out of range error (#3835)

- GRPC

* Fixed: Segmentation fault during murmur shutdown (#3938)

- Client

* Fixed: Crash when using multiple monitors (#3756)

* Fixed: Don't send empty message from clipboard via shortcut, if

clipboard is empty (#3864)

* Fixed: Talking indicator being able to freeze to indicate talking when

self-muted (#4006)

* Fixed: High CPU usage for update-check if update server not available

(#4019)

* Fixed: DBus getCurrentUrl returning empty string when not in

root-channel (#4029)

* Fixed: Small parts...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP1:

zypper in -t patch openSUSE-2020-1439=1

Package List

- openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):

mumble-1.3.2-bp151.6.12.2

mumble-server-1.3.2-bp151.6.12.2

- openSUSE Backports SLE-15-SP1 (aarch64_ilp32):

mumble-64bit-1.3.2-bp151.6.12.2

References

https://bugzilla.suse.com/1174041

--

Announcement ID: openSUSE-SU-2020:1439-1
Rating: moderate
Affected Products: openSUSE Backports SLE-15-SP1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here