lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 5 Mar 2019 20:45:21 +0000
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 4402-1] mumble security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4402-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
March 05, 2019                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mumble
CVE ID         : CVE-2018-20743

It was discovered that insufficient restrictions in the connection
handling of Mumble, a low latency encrypted VoIP client, could result in
denial of service. 

For the stable distribution (stretch), this problem has been fixed in
version 1.2.18-1+deb9u1.

We recommend that you upgrade your mumble packages.

For the detailed security status of mumble please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/mumble

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlx+32kACgkQEMKTtsN8
TjabGw/+Pc35fpm4rQJ4p+u+pxNl4wR6pYIJCZto6wkJlePSQJ+dzPVfM0YOMWHJ
YVeGKjpKru6Conk1sdv5v+cgVJ46qVTJdGRvjl3WQogy6FhiFJMj1l2tYT759NxC
uuRKvl8bLaL5gXAYNvIk1zdsYT5IYhN2xZq/Z5IKnloVFAhBqA1p0l2qyPQDO6V3
arejpCz5jNmpCLz8/DEGrjlCsfHo3gvNBWSxpnP97nahJKGy7VdNr7HmVv96NOaN
PV/Q3NmNKdJSRT0+QUyYa/lMR8vWS7egRKtpNWGK4PUztRMdvpBOn9CYCHd8qhkQ
Yyv5LbBZ2TvWGbsIsz569HY3jXIKPuiiK6IpYHNwaDHKq+Y7lJjWEiO/DNI6M044
kfRdT1cKZSDCRnzdWBveWqVqG7MPsu9X8Jwv3lXJc9TKXkpu1FvQf2+sLCz1eJZM
02iy57sw/iQNGIPxugaEBenpgLrw+drs56yNFecUnkgp8loA/rkH5OCPc6+vuOh1
UUEgtZgbBIxj9qhhnjjGFr/wdw2UcmVW3zT8sun22ZMM8jeThZZNy0HdmjQN8y2n
GfWCQYlspwp13ZclxFHkHjCjTBAwvVhxr3L7w0ZlPcs7OKN+thhw4ISjaTJdVS7M
HZbwZtGaWARFnIEHTvLv05mniezn1/ZQ6C7HGI9v3f5MwZkrg3g=
=673Q
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ