Bug#982904: mumble: CVE-2021-27229

2021-05-02 Thread Salvatore Bonaccorso
Hi Chris, On Sun, May 02, 2021 at 01:18:58PM +, Chris Knadle wrote: > Salvatore Bonaccorso: > > Hi Chris, > > > > On Sat, May 01, 2021 at 05:52:04PM +, Chris Knadle wrote: > > > Salvatore Bonaccorso: > [...] > > > Yes I submitted release.debian.org bug #987859 last night and did the > >

Bug#982904: mumble: CVE-2021-27229

2021-05-02 Thread Chris Knadle
Salvatore Bonaccorso: Hi Chris, On Sat, May 01, 2021 at 05:52:04PM +, Chris Knadle wrote: Salvatore Bonaccorso: [...] Yes I submitted release.debian.org bug #987859 last night and did the upload (and was "accepted"), which I think fits almost all of the criteria in the link above except

Bug#982904: mumble: CVE-2021-27229

2021-05-01 Thread Chris Knadle
Salvatore Bonaccorso: Hi Chris, On Sat, May 01, 2021 at 05:52:04PM +, Chris Knadle wrote: Salvatore Bonaccorso: [...] Yes I submitted release.debian.org bug #987859 last night and did the upload (and was "accepted"), which I think fits almost all of the criteria in the link above except

Bug#982904: mumble: CVE-2021-27229

2021-05-01 Thread Salvatore Bonaccorso
Hi Chris, On Sat, May 01, 2021 at 05:52:04PM +, Chris Knadle wrote: > Salvatore Bonaccorso: > > Hi Chris, > > > > On Fri, Apr 30, 2021 at 08:12:54PM +, Chris Knadle wrote: > > > Salvatore Bonaccorso: > [...] > > > So now re-reading it, it seems the upload should target "buster" and the >

Bug#982904: mumble: CVE-2021-27229

2021-05-01 Thread Chris Knadle
Salvatore Bonaccorso: Hi Chris, On Fri, Apr 30, 2021 at 08:12:54PM +, Chris Knadle wrote: Salvatore Bonaccorso: [...] So now re-reading it, it seems the upload should target "buster" and the upload I ship should likely be to the "proposed-updates-new" queue. Probably? Somehow I find the

Bug#982904: mumble: CVE-2021-27229

2021-05-01 Thread Salvatore Bonaccorso
Hi Chris, On Fri, Apr 30, 2021 at 09:09:10PM +, Chris Knadle wrote: > Note: for the three messages recently sent (Benedikt, Salvatorie, Chris/me) > that have recently been sent, none went to #982904 because the bug had been > archived. I've unarchived the bug since fixing it for Buster is

Bug#982904: mumble: CVE-2021-27229

2021-05-01 Thread Salvatore Bonaccorso
Hi Chris, On Fri, Apr 30, 2021 at 08:12:54PM +, Chris Knadle wrote: > Salvatore Bonaccorso: > > Hi Benedikt, > > > > On Thu, Apr 29, 2021 at 10:48:56AM +0200, Benedikt Tuchen wrote: > > > Hello > > > > > > Is this bug still observed? > > > > > > We would be very happy to see this problem

Bug#982904: mumble: CVE-2021-27229

2021-04-30 Thread Chris Knadle
Note: for the three messages recently sent (Benedikt, Salvatorie, Chris/me) that have recently been sent, none went to #982904 because the bug had been archived. I've unarchived the bug since fixing it for Buster is still pending. -- Chris -- Chris Knadle chris.kna...@coredump.us

Bug#982904: mumble: CVE-2021-27229

2021-03-04 Thread Chris Knadle
Salvatore Bonaccorso: Hi [Adding CC to security-team alias] On Mon, Mar 01, 2021 at 08:31:54AM +, Chris Knadle wrote: Salvatore Bonaccorso: Source: mumble Version: 1.3.3-1 Severity: grave Tags: security upstream Justification: user security hole Forwarded:

Bug#982904: mumble: CVE-2021-27229

2021-03-01 Thread Salvatore Bonaccorso
Hi [Adding CC to security-team alias] On Mon, Mar 01, 2021 at 08:31:54AM +, Chris Knadle wrote: > Salvatore Bonaccorso: > > Source: mumble > > Version: 1.3.3-1 > > Severity: grave > > Tags: security upstream > > Justification: user security hole > > Forwarded:

Bug#982904: mumble: CVE-2021-27229

2021-03-01 Thread Chris Knadle
Salvatore Bonaccorso: Source: mumble Version: 1.3.3-1 Severity: grave Tags: security upstream Justification: user security hole Forwarded: https://github.com/mumble-voip/mumble/pull/4733 X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for

Bug#982904: mumble: CVE-2021-27229

2021-02-16 Thread Salvatore Bonaccorso
Source: mumble Version: 1.3.3-1 Severity: grave Tags: security upstream Justification: user security hole Forwarded: https://github.com/mumble-voip/mumble/pull/4733 X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for mumble.