USN-1067-1: Telepathy Gabble vulnerability
17 February 2011
An attacker could send crafted requests to view streamed media content.
- telepathy-gabble - Jabber/XMPP connection manager
It was discovered that Gabble did not verify the from field of google
jingleinfo updates. This could allow a remote attacker to perform
machine-in-the-middle attacks (MITM) on streamed media.
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to restart your session to make all
the necessary changes.