Will Thompson

**Name of the Vulnerable Software and Affected Versions** Telepathy Gabble versions 0.16.x through 0.16.4 Telepathy Gabble versions 0.17.x through 0.17.2 **Description** A hashing algorithm issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and crash, via a crafted message. **Recommendations** For Telepathy Gabble versions 0.16.x through 0.16.4, update to version 0.16.5 or later. For Telepathy Gabble versions 0.17.x through 0.17.2, update to version 0.17.3 or later.

**Name of the Vulnerable Software and Affected Versions** Telepathy Gabble versions 0.8 through 0.8.14 Telepathy Gabble versions 0.10 through 0.10.4 Telepathy Gabble versions 0.11 through 0.11.6 **Description** The issue allows remote attackers to intercept audio and video calls by using a crafted google:jingleinfo stanza. This stanza specifies an alternate server for streamed media, enabling the attacker to sniff the calls. **Recommendations** For versions 0.8 through 0.8.14, update to version 0.8.15 or later. For versions 0.10 through 0.10.4, update to version 0.10.5 or later. For versions 0.11 through 0.11.6, update to version 0.11.7 or later.