|| ||Mageia Updates <email@example.com> |
|| ||firstname.lastname@example.org |
|| ||[updates-announce] MGASA-2012-0248: mumble-1.2.3-2.3.mga2 (2/core) |
|| ||Thu, 30 Aug 2012 12:37:15 +0200|
|| ||Article, Thread
Date: August 30th, 2012
Affected releases: 2
Mumble 1.2.3 and earlier uses world-readable permissions for
.local/share/data/Mumble/.mumble.sqlite files in home directories,
which might allow local users to obtain a cleartext password and
configuration data by reading a file (CVE-2012-0863).
Additionally, the version of mumble shipped with Mageia 2 does not
properly find and use the celt 0.7.1 library. This is the most common
celt version and is required for communication with the Windows and OSX
clients. This resulted in Mumble being able to connect fine, playback
and record audio, appear as if everything is working perfectly, but
then simply fail to play or send any audio.
The updated packages fix these issues.
Finally, the mumble-server-web package is being provided, as it was not
provided initially with Mageia 2, and ICE support has been enabled.
to post comments)