[Bug 1335597] Re: CVE-2014-3755 and CVE-2014-3756
Launchpad Bug Tracker
1335597 at bugs.launchpad.net
Wed Jul 2 13:19:58 UTC 2014
This bug was fixed in the package mumble - 1.2.4-0.2ubuntu1.1
---------------
mumble (1.2.4-0.2ubuntu1.1) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service through SVG images (LP: #1335597)
- debian/patches/Mumble-SA-2014-005.patch: patch from upstream
- CVE-2014-3755
* SECURITY UPDATE: unproperly HTML-escaped external strings
- debian/patches/Mumble-SA-2014-006.patch: patch from upstream
- CVE-2014-3756
-- Felix Geyer <debfx at ubuntu.com> Sun, 29 Jun 2014 11:34:25 +0200
** Changed in: mumble (Ubuntu Trusty)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Debian
VoIP Team, which is subscribed to mumble in Ubuntu.
https://bugs.launchpad.net/bugs/1335597
Title:
CVE-2014-3755 and CVE-2014-3756
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mumble/+bug/1335597/+subscriptions
More information about the Pkg-voip-maintainers
mailing list