The Mumble team has released version 1.2.5 of the Mumble VoIP application.
This new version contains two important client-side security fixes. We advise our users to download this update as soon as possible from our SourceForge downloads page: http://sourceforge.net/projects/mumble/files/Mumble/1.2.5/
This release contains no new features. For all practical purposes, it is a bug-fix release on top of 1.2.4.
For a list of known issues with this release, please see the 1.2.5 Known Issues wiki page: http://mumble.sourceforge.net/1.2.5_Known_Issues.
Security advisories for the two fixed vulnerabilities are available below:
If you are using Mumble on Linux or BSD, we recommend that you keep a close eye on your vendor’s security advisories to determine the availability of an update that fixes these vulnerabilities.
The Mumble team
[Update 2014-02-07: added a link to the Known Issues page]