USN-5195-1: Mumble vulnerability
16 December 2021
A security issue was fixed in Mumble.
Releases
Packages
- mumble - Low latency encrypted VoIP client
Details
It was discovered that the Mumble client supported websites for public servers
with arbitrary URL schemes. If a user were tricked into visiting a malicious
website from the public server list, a remote attacker could possibly execute
arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.04
Ubuntu 18.04
In general, a standard system update will make all the necessary changes.