-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4402-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
March 05, 2019                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mumble
CVE ID         : CVE-2018-20743

It was discovered that insufficient restrictions in the connection
handling of Mumble, a low latency encrypted VoIP client, could result in
denial of service. 

For the stable distribution (stretch), this problem has been fixed in
version 1.2.18-1+deb9u1.

We recommend that you upgrade your mumble packages.

For the detailed security status of mumble please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/mumble

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlx+32kACgkQEMKTtsN8
TjabGw/+Pc35fpm4rQJ4p+u+pxNl4wR6pYIJCZto6wkJlePSQJ+dzPVfM0YOMWHJ
YVeGKjpKru6Conk1sdv5v+cgVJ46qVTJdGRvjl3WQogy6FhiFJMj1l2tYT759NxC
uuRKvl8bLaL5gXAYNvIk1zdsYT5IYhN2xZq/Z5IKnloVFAhBqA1p0l2qyPQDO6V3
arejpCz5jNmpCLz8/DEGrjlCsfHo3gvNBWSxpnP97nahJKGy7VdNr7HmVv96NOaN
PV/Q3NmNKdJSRT0+QUyYa/lMR8vWS7egRKtpNWGK4PUztRMdvpBOn9CYCHd8qhkQ
Yyv5LbBZ2TvWGbsIsz569HY3jXIKPuiiK6IpYHNwaDHKq+Y7lJjWEiO/DNI6M044
kfRdT1cKZSDCRnzdWBveWqVqG7MPsu9X8Jwv3lXJc9TKXkpu1FvQf2+sLCz1eJZM
02iy57sw/iQNGIPxugaEBenpgLrw+drs56yNFecUnkgp8loA/rkH5OCPc6+vuOh1
UUEgtZgbBIxj9qhhnjjGFr/wdw2UcmVW3zT8sun22ZMM8jeThZZNy0HdmjQN8y2n
GfWCQYlspwp13ZclxFHkHjCjTBAwvVhxr3L7w0ZlPcs7OKN+thhw4ISjaTJdVS7M
HZbwZtGaWARFnIEHTvLv05mniezn1/ZQ6C7HGI9v3f5MwZkrg3g=
=673Q
-----END PGP SIGNATURE-----