Telepathy-gabble Vulnerabilities Fixed in Ubuntu 13.04

Users will have to update the operating system in order to fix the problem

By on June 12th, 2013 21:19 GMT

On June 12, Canonical published details about telepathy-gabble vulnerabilities for its Ubuntu 13.04, Ubuntu 12.10, and Ubuntu 12.04 LTS operating systems.

According to Canonical, several security issues have been fixed in telepathy-gabble.

For example, it has been discovered that telepathy-gabble incorrectly handled TLS when connecting to legacy jabber servers.

If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.

For a more detailed description of the security problems in question and of the MySQL vulnerabilities, you can visit Canonical's security notification.

Users can simply fix the security flaws by upgrading the operating systems to the latest telepathy-gabble package, specific to each distribution.

A normal system update, executed with the Update Manager, will implement all the necessary changes. A complete system restart is necessary.

Comments