File _patchinfo of Package patchinfo.15796

<patchinfo incident="15796">
  <issue tracker="bnc" id="1180068">games:tools/mumble: Old category on .desktop file, shown as lost+found</issue>
  <issue tracker="bnc" id="1182123">VUL-0: mumble: non-http/https URL schemes in website field</issue>
  <packager>AndreasStieger</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for mumble</summary>
  <description>This update for mumble fixes the following issues:

mumble was updated to 1.3.4:

* Fix use of outdated (non-existent) notification icon names
* Fix Security vulnerability caused by allowing non http/https
  URL schemes in public server list (boo#1182123)
* Server: Fix Exit status for actions like --version or --supw
* Fix packet loss &amp; audio artifacts caused by OCB2 XEX*
  mitigation

- update apparmor profiles to get warning free again on 15.2
  - use abstractions for ssl files
  - allow inet dgram sockets as mumble can also work via udp
  - allow netlink socket (probably for dbus)
  - properly allow lsb_release again
  - add support for optional local include
- start murmurd directly as user mumble-server it gets rid of the
  dac_override/setgid/setuid/chown permissions

Update to upstream version 1.3.3

Client:

* Fixed: Chatbox invisble (zero height) (#4388)
* Fixed: Handling of invalid packet sizes (#4394)
* Fixed: Race-condition leading to loss of shortcuts (#4430)
* Fixed: Link in About dialog is now clickable again (#4454)
* Fixed: Sizing issues in ACL-Editor (#4455)
* Improved: PulseAudio now always samples at 48 kHz (#4449)

Server:

* Fixed: Crash due to problems when using PostgreSQL (#4370)
* Fixed: Handling of invalid package sizes (#4392)


This update was imported from the openSUSE:Leap:15.2:Update update project.</description>
</patchinfo>