Debian
mumble package

lp:debian/wheezy/mumble

  1. Wheezy (7.0)
  2. wheezy
Created by James Westby and last modified
Get this branch:
bzr branch lp:debian/wheezy/mumble
Members of Ubuntu branches can upload to this branch. Log in for directions.

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Development

Recent revisions

35. By Chris Knadle

* debian/control:
    - remove obsolete Vcs entries. Closes: #681715
* debian/patches:
    - Add two security fixes. Closes: #748189
      Mumble-SA-2014-005.patch CVE-2014-3755
        http://mumble.info/security/Mumble-SA-2014-005.txt
      SVG images with local file references could trigger client DoS
      Mumble-SA-2014-006.patch CVE-2014-3756
        http://mumble.info/security/Mumble-SA-2014-006.txt
      The Mumble client did not properly HTML-escape some external strings
      before using them in a rich-text (HTML) context.
      Thanks to Mikkel Krautz <email address hidden> for reporting the bug,
      and Gregor Herrmann <email address hidden> for updating the patches
      for Wheezy.
    - Add 35-fix-UDP-socket-initialization.diff. Closes: #742091
      Fix UDP communication failing until connected user's mic is activated
      and data sent. Thanks to Mikkel Krautz <email address hidden> for finding
      the issue and fixing upstream.
    - Add 37-fix-connect-dialog-hang-dee463ef.diff. Closes: #688444
      Fix crashing when connecting to a server.
      Thanks to Valentin Lorentz <email address hidden> for reporting the bug.

34. By Salvatore Bonaccorso

* Non-maintainer upload by the Security Team.
* Add Mumble-SA-2014-001.patch patch.
  CVE-2014-0044: A malformed Opus voice packet sent to a Mumble client
  could trigger a NULL pointer dereference or an out-of-bounds array
  access, leading to a crash (Denial of Service).
* Add Mumble-SA-2014-002.patch patch.
  CVE-2014-0045: A malformed Opus voice packet sent to a Mumble client
  could trigger a heap-based buffer overflow. This causes a client crash
  (Denial of Service) and can potentially be used to execute arbitrary
  code.

33. By gregor herrmann

* Non-maintainer upload with maintainer's approval.
* Fix "Plugins: Failed to load libmumble.so: Cannot load library
  /usr/lib/mumble/libmumble.so: (/usr/lib/mumble/libmumble.so:
  undefined symbol: glPopClientAttrib)":

  new patch 30-opengl: link libmumble against libGL to make mumble-overlay /
  pre-loading libmumble work.

  Thanks to Daniel Kahn Gillmor for the bug report, Ron Lee for the
  suggested fix, and Chris Knadle for testing the patch.

  (Closes: #691535)

32. By Chris Knadle

* Non-maintainer upload.
* Fix "Cannot communicate with the vast majority of Mumble servers due
  to lack of required baseline codec":
  re-enable using the bundled celt library:
     debian/patches/series:
       - add 07-use-embedded-celt-baseline patch
     debian/patches/07-use-embedded-celt-baseline:
       - build Celt 0.7.1 and not 0.11.0
     debian/mumble.install:
       - ship Celt 0.7.1 library from the embedded source
     debian/rules:
       - re-enable Celt using the bundled 0.7.1 version
     debian/patches/20-add-opus-threshold-option:
       - fix src/murmur/Meta.cpp to set default iOpusThreshold=100 to only
         switch from Celt to Opus if 100% of connected clients support Opus
         (instead of 1%)
       - fix murmur.ini example for opusthreshold option to =100
         (instead of =1)
       - add #opusthreshold=100 comments to murmur.ini.system (shipped as
         etc/mumble-server.ini) to match murmur.ini example
  Closes: #675971.
  This implements the TC decision in #682010.
  [Thanks to Gregor Herrmann for his help and guidance.]

31. By Ron Lee <email address hidden>

* Drop the hard dep on boost-1.46, that's been removed now. Closes: #678759
  Drop the | dep on alternative boost, since that's what got this package
  overlooked when people were removing boost-1.46.

* Drop the | dep on libgl-dev, that's been gone a long time now too and
  leaves us vulnerable to a similar problem.

* Drop the mumble-server-web package altogether. Upstream reports that it
  is unmaintained and "pretty useless anyway", which seems to be well backed
  up by the fact that a call to Ice_intversion() was added in March 2010,
  and that function has never existed in any version of zeroc-ice ever.
  A function named Ice_intVersion was added to -ice 3.2.1 though ...
  Since it's taken this long for anyone to notice, we can be pretty sure that
  there aren't any actual users of it. Closes: #676815, #676816

* Build-Depend on the unfycked version of zeroc-ice, so the ABI broken one
  doesn't accidentally get used by an out of date buildd. Closes: #675955
  Force building with gcc-4.6, since that's required for zeroc-ice deps now,
  until they get their act together and write some actually legal code.

* Cherry-pick the upstream patches to fix the "audio glitches", and provide
  codec thresholds and warnings. Closes: #675971 since it fixes the only
  actual bug reported there.

* Drop the watch file, since this has been building snapshots from git now
  since 1.2.3-3 (and before).

30. By Ron Lee <email address hidden>

* Adopt the package. Closes: #674719
* Drop the dependency on the celt package. Closes: #674650
* Add the upstream patch to enable opus support.
* Explicitly disable the bundled libs, don't rely on system lib detection
  doing that as a side-effect.

29. By Patrick Matthäi <email address hidden>

* New upstream snapshot from 20.05.2012.
* Build with now available libpulse on hurd-i386.
* Overwrite false positive hardening-no-stackprotector lintian warnings.

28. By Patrick Matthäi <email address hidden>

* New upstream snapshot from 21.03.2012.
* Remove /usr/lib32 building.
  Closes: #667882
* Remove comments from debian/rules.
* Move slice2html call from build-indep-stamp to build-arch-stamp. The build
  documentation is required in an arch:any package.
  Closes: #667883

27. By Patrick Matthäi <email address hidden>

* New upstream snapshot from 16.03.2012.
* Uploading to unstable.

26. By Patrick Matthäi <email address hidden>

* Add Dutch debconf translation.
  Closes: #657632
* Add patch 01-fix-spelling-error.diff to fix an minor spelling error in
  the source code.
* Add patch 05-lsb-description which fixes the lintian warning
  init.d-script-missing-lsb-description.
* Add patch 02-reject-with-ip-in-log to show up the IP address of a rejected
  connection in the mumble-server log.
  Closes: #627139
* Add patch 04-set-file-permissions from Marc Deslauriers, which fixes the
  file permissions of the Mumble database.
  Closes: #659039

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:debian/mumble
This branch contains Public information 
Everyone can see this information.

Subscribers