Package: mumble Version: 1.3.0~git20190114.9fcc588+dfsg-1 Severity: serious Tags: security fixed-upstream pending
A vulnerability has been discovered whereby a remote unauthenticated user connected to the server can send a crafted packet to change the number of allowed users in the root channel to 0, thereby disallowing users to connect to the server and causing a Denial of Service. All version of mumble-server prior to the fix in Mumble issue #3586 on 2019-01-25 are affected. https://github.com/mumble-voip/mumble/issues/3585 A new upload of mumble is being prepared to fix this issue. -- Chris -- Chris Knadle chris.kna...@coredump.us
signature.asc
Description: OpenPGP digital signature