Date: Thu, 18 Jun 2020 11:50:20 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 247379] audio/mumble and audio/murmur: update to 1.3.1 (Fixed: Potential exploit in the OCB2 encryption (#4227)) Message-ID: <bug-247379-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D247379 Bug ID: 247379 Summary: audio/mumble and audio/murmur: update to 1.3.1 (Fixed: Potential exploit in the OCB2 encryption (#4227)) Product: Ports & Packages Version: Latest Hardware: Any URL: https://www.mumble.info/blog/mumble-1.3.1-release-anno uncement/ OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: feld@FreeBSD.org Reporter: vvd@unislabs.com Flags: maintainer-feedback?(feld@FreeBSD.org) Assignee: feld@FreeBSD.org Attachment #215734 maintainer-approval? Flags: Flags: maintainer-feedback? Created attachment 215734 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D215734&action= =3Dedit Update to 1.3.1 (Fixed: Potential exploit in the OCB2 encryption (#4227)) Tested on 12.1 amd64 - real usage, not just build. Changes in this Version Security Fixed: Potential exploit in the OCB2 encryption (#4227) ICE Fixed: Added missing UserKDFIterations field to UserInfo =3D> Prevents getRegistration() from failing with enumerator out of range error (#3835) GRPC Fixed: Segmentation fault during murmur shutdown (#3938) Client Fixed: Crash when using multiple monitors (#3756) FIxed: Don=E2=80=99t send empty message from clipboard via shortcut, if= clipboard is empty (#3864) Fixed: Talking indicator being able to freeze to indicate talking when self-muted (#4006) Fixed: High CPU usage for update-check if update server not available (#4019) Fixed: DBus getCurrentUrl returning empty string when not in root-chann= el (#4029) Fixed: Small parts of whispering leaking out to normal talk (#4051) Fixed: Last audio frame of normal talking sent to last whisper target instead when using VoiceActivation (#4050) Fixed: LAN-icon not found in ConnectDialog (#4058) Improved: Set maximal vertical size for User Volume Adjustment dialog (#3801) Improved: Don=E2=80=99t send empty data to PulseAudio (#3316) Improved: Use the SRV resolved port for UDP connections (#3820) Improved: Manual Plugin UI (#3919) Improved: Don=E2=80=99t start Jack server by default (#3990) Improved: Overlay doesn=E2=80=99t hook into all other processes by defa= ult (#4041) Improved: Wait longer before disconnecting from a server due to unanswe= red Ping-messages (#4123) Server Fixed: Possibility to circumvent max user-count in channel (#3880) Fixed: Rate-limit implementation susceptible to time-underflow (#4004) Fixed: OpenSSL error 140E0197 with Qt >=3D 5.12.2 (#4032) Fixed: VersionCheck for SQL for when to use the WAL feature (#4163) Fixed: Wrong database encoding that could lead to server-crash (#4220) Fixed: DB crash due to primary key violation (now performs =E2=80=9CUPS= ERT=E2=80=9D to avoid this) (#4105) Improved: The fields in the Version ProtoBuf message are now size-restricted in order to avoid attacks that can render another client unresponsive (#4101) --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-247379-7788>