[Bug 1861791] [NEW] Server incompatible with Focal clients

René Walendy 1861791 at bugs.launchpad.net
Tue Feb 4 10:52:11 GMT 2020


Public bug reported:

We're currently having trouble with a TLS issue between mumble-server
1.2.19-1ubuntu1 on 18.04 Bionic and the mumble client 1.3.0+dfsg-1 on
Focal.

There is a known issue (https://github.com/mumble-
voip/mumble/issues/2116) with mumble-server (murmurd) on Bionic causing
only TLS 1.0 connections to be negotiated, which is starting to be a
security concern as TLS 1.3 becomes widely available. This is detected
by the new mumble client on Focal, which outright refuses to establish
TLS 1.0 connections in a default setup. While this is a good thing
security-wise, it of course makes mumble-server 1.2.19 rather obsolete.
The only solution that worked for us so far was to upgrade mumble-server
to 1.3.0 via ppa:mumble/release.

Since both 18.04 and 20.04 are LTS releases, this creates an
incompatibility between the packages shipped by default on two supported
and widely used releases.

To improve security and fix the incompatibility issue, is it possible to
bump mumble and mumble-server to 1.3.0 on Bionic without compiling from
source or using PPAs?

** Affects: mumble (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Debian
VoIP Team, which is subscribed to mumble in Ubuntu.
https://bugs.launchpad.net/bugs/1861791

Title:
  Server incompatible with Focal clients

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mumble/+bug/1861791/+subscriptions



More information about the Pkg-voip-maintainers mailing list