Public bug reported: Binary package hint: mumble
Upon to connecting to a server which has a reasonable "Common Name" set using an "incorrect" hostname, mumble dies. To reproduce, set up a mumble-server to use a certificate with the servers host as the "Common Name" and start it with this. If the key is password-protected, you should be asked for your passphrase upon starting it, if it is not stored in an unencrypted way. If you now connect to that server using the hostname as defined in the "Common Name" of the SSL certificate, the connection should work fine. As soon as you connect to this server using a different address (e. g. localhost instead of mumble.example.org) than this, the mumble client crashes with SIGSEGV. The behaviour I would have expected would be a dialoge popping up, asking whether to connect even though the certificate's hostname does not match the actual host. --- cat /etc/lsb-release --- DISTRIB_ID=Ubuntu DISTRIB_RELEASE=8.04 DISTRIB_CODENAME=hardy DISTRIB_DESCRIPTION="Ubuntu hardy (development branch)" --- /cat /etc/lsb-release --- --- apt-cache policy mumble --- mumble: Installed: 1.1.3-0ubuntu1 Candidate: 1.1.3-0ubuntu1 Version table: *** 1.1.3-0ubuntu1 0 500 http://archive.ubuntu.com hardy/universe Packages 100 /var/lib/dpkg/status --- /apt-cache policy mumble --- ** Affects: mumble (Ubuntu) Importance: Undecided Assignee: Thorvald Natvig (slicer) Status: New -- Mumble crashes when connecting to certain SSL certificate authenticated servers https://bugs.launchpad.net/bugs/202776 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs