CVE-2019-1000029

NameCVE-2019-1000029
DescriptionDoS due to changing # of allowed users in root channel
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs920476

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
mumble (PTS)bullseye1.3.4-1fixed
bookworm1.3.4-4fixed
sid, trixie1.5.517-2.1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mumblesourcejessie(not affected)
mumblesourcestretch(not affected)
mumblesource(unstable)1.3.0~git20190125.440b173+dfsg-1920476

Notes

[stretch] - mumble <not-affected> (Vulnerable code introduced later)
[jessie] - mumble <not-affected> (Vulnerable code introduced later)
https://github.com/mumble-voip/mumble/issues/3585
Introduced in: https://github.com/mumble-voip/mumble/commit/84b1bcecef790a84d10b2d1f2060c1681a2bb836
Fixed by: https://github.com/mumble-voip/mumble/commit/3edc46ff7308691d342f8c08ce1afaaefce35a5c

Search for package or bug name: Reporting problems