-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 25 Dec 2015 03:06:55 -0500 Source: mumble Binary: mumble mumble-11x mumble-server mumble-dbg mumble-server-web Architecture: source all amd64 Version: 1.2.2-6+squeeze2 Distribution: squeeze-lts Urgency: medium Maintainer: Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org> Changed-By: Christopher Knadle <Chris.Knadle@coredump.us> Description: mumble - Low latency VoIP client mumble-11x - Low latency VoIP client (1.1.x) mumble-dbg - Low latency VoIP client (debugging symbols) mumble-server - Low latency VoIP server mumble-server-web - Web scripts for mumble-server Closes: 748189 Changes: mumble (1.2.2-6+squeeze2) squeeze-lts; urgency=medium . * Add patch 0006-fix-CVE-2014-3755.patch (ported for mumble in squeeze) http://mumble.info/security/Mumble-SA-2014-005.txt SVG images with local file references could trigger client DoS Closes: #748189, CVE-2014-3755 * Add patch 0007-fix-CVE-2014-3756.patch (ported for mumble in squeeze) http://mumble.info/security/Mumble-SA-2014-006.txt The Mumble client did not properly HTML-escape some external strings before using them in a rich-text (HTML) context. Closes: #748189, CVE-2014-3756 Checksums-Sha1: d1d0b667e73e4b9173a52f6b6f47a7691d2325dc 2523 mumble_1.2.2-6+squeeze2.dsc 6aa2b0d13d1ff2c1c221753025a1ebe9f1061f62 44817 mumble_1.2.2-6+squeeze2.debian.tar.gz eea046ffc17652341b689aeb9692c593fac93a9c 94930 mumble-server-web_1.2.2-6+squeeze2_all.deb fc52a99f13cb930d8f5599e71ec30b5666187dbc 2215318 mumble_1.2.2-6+squeeze2_amd64.deb aa48e4a7171f9df56fed28cf66a21ac5105873e0 1279130 mumble-11x_1.2.2-6+squeeze2_amd64.deb c56686082e2c37bdb7af511cd2d5145fbf5f592f 816556 mumble-server_1.2.2-6+squeeze2_amd64.deb 61db38c0bd5b8bc40758ffc81546f0f7ac13f5ca 24315368 mumble-dbg_1.2.2-6+squeeze2_amd64.deb Checksums-Sha256: c14b0ae7939d4596a3a6184e3745ac6fb41444f9c0adaae340c1116306706936 2523 mumble_1.2.2-6+squeeze2.dsc af80edcd6bbd7e94f2cd5266cb447630ea5c4e40aa417532f962b4d3397db1e7 44817 mumble_1.2.2-6+squeeze2.debian.tar.gz 208ab7e1f4b534bd0afd6d2b9a3ebb4988576447a47a29c587e5d41702cf6575 94930 mumble-server-web_1.2.2-6+squeeze2_all.deb 54e48f4d65fe5967aa563ee83547aaaaa5dd4182d91db514741267a3e5e28b7c 2215318 mumble_1.2.2-6+squeeze2_amd64.deb 120867e83a77d5898ae25eaf13d6f5fddcd9f743ab75fe39274b4cb5f5a4ede6 1279130 mumble-11x_1.2.2-6+squeeze2_amd64.deb 26b34bd91e5dde61fce890ea407168e16ade96fce09a36e85dfd280da103f7f6 816556 mumble-server_1.2.2-6+squeeze2_amd64.deb 168a7a0065c6e38d81fc6d07fa5a40c65d51238f45e1550051ecd85239b228fe 24315368 mumble-dbg_1.2.2-6+squeeze2_amd64.deb Files: c792a89f4763982500199f7e9e03c3e1 2523 sound optional mumble_1.2.2-6+squeeze2.dsc 639622fdbabf653acf8ee4ccb1c84f72 44817 sound optional mumble_1.2.2-6+squeeze2.debian.tar.gz e9e22d7c1aecbb864167166d49e44b74 94930 sound optional mumble-server-web_1.2.2-6+squeeze2_all.deb 968d59141d8a9ab255494e1adf1d3b2f 2215318 sound optional mumble_1.2.2-6+squeeze2_amd64.deb 3606b711361cb5fea9096947c4cb80a0 1279130 sound optional mumble-11x_1.2.2-6+squeeze2_amd64.deb db39bba22a01d2aa62d0fd588c7add2c 816556 sound optional mumble-server_1.2.2-6+squeeze2_amd64.deb d5fa05f999cfe239d56b108af4338e4c 24315368 debug extra mumble-dbg_1.2.2-6+squeeze2_amd64.deb -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJWhZNcAAoJEEkSKbZEGfmqAWAP/RYlt7uGi6aflilJLDrzdkKn qbhIw5qCsjBGcJ8RKS57tdmqM2nsEIXz9JTsVmxXxX/O5vEs33BLWB5eqwgvZeAW lql78J3jOuID1SB0nQoOXM7z+T3XrmeLDUPlrA5eAi0/ixw85phhJWL+wWU6vV3R IyUajDCabuOzXKN9SP6/7MhVFibq4QsKqL9VQwxA0rfx8Ljm35l5Wry12fqWJQMf cVQpMKodmzm5uTdn0g3UYIxOynrcuIyPvyduY+nWWN7xubX+2NUzcBIbf40QY4p1 PaibgvEx0EIh5x+vh5NVaVUAGjEFJuSlmhv5BUZwryhtG6osXaLgwxwRalvAZUDU shTWTY1X3eRttm+xUI/F5H5grK5RqFarjeWQGKvdvyWaj1Hz8iomX6Q7511wOCXa RkeXuL06wNsc54korG98y7MVpd3dV0YD1dx47k8Tg8YXQvlLk/bXhE+cGlckYSuR Y80oZX/xoygpCVBu78U2jefkNfiYejGQxpq/GXiXusPiAtDHa3FPGCPCSxIn2spH d4ncbPuFXa+X17S1WVc2OhRpf+EmxTGj9Yh694Ijkjzm7yIIv7Pg/8xqKQeRY79I 72+88tCNeHQvgnZuF45I/1y/bOSwaO9kI7HbLp+ugCEU1oPZQe0ZsYGdwBkJUMgm a1s0xGn3BVew1QcnF7OJ =C/eW -----END PGP SIGNATURE-----