Your submission was sent successfully! Close

USN-5195-1: Mumble vulnerability

16 December 2021

A security issue was fixed in Mumble.

Releases

Packages

  • mumble - Low latency encrypted VoIP client

Details

It was discovered that the Mumble client supported websites for public servers
with arbitrary URL schemes. If a user were tricked into visiting a malicious
website from the public server list, a remote attacker could possibly execute
arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04
Ubuntu 18.04

In general, a standard system update will make all the necessary changes.

References

Related notices