Re: Wheezy update of krb5?

To: Guido Günther <agx@sigxcpu.org>, debian-lts@lists.debian.org
Cc: Sam Hartman <hartmans@debian.org>
Subject: Re: Wheezy update of krb5?
From: Benjamin Kaduk <kaduk@mit.edu>
Date: Mon, 24 Jul 2017 15:17:27 -0500
Message-id: <[🔎] 20170724201727.GG17639@kduck.kaduk.org>
In-reply-to: <[🔎] 20170722164725.v5pif6qclempqomv@bogon.m.sigxcpu.org>
References: <[🔎] 20170722164725.v5pif6qclempqomv@bogon.m.sigxcpu.org>

On Sat, Jul 22, 2017 at 06:47:25PM +0200, Guido Günther wrote:
> Dear maintainer(s),
> 
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of krb5:
> https://security-tracker.debian.org/tracker/CVE-2017-11368

You may be interested to note the commentary on #869260 that questions
whether a DSA is needed for this bug, as it is just a potential NULL
dereference, and we've had a few of those that did not merit DSAs.

-Ben

Reply to:

Follow-Ups:
- Re: Wheezy update of krb5?
  - From: Guido Günther <agx@sigxcpu.org>

References:
- Wheezy update of krb5?
  - From: Guido Günther <agx@sigxcpu.org>

Prev by Date: Re: About the security issues affecting catdoc in Wheezy
Next by Date: Re: Wheezy update of krb5?
Previous by thread: Wheezy update of krb5?
Next by thread: Re: Wheezy update of krb5?
Index(es):
- Date
- Thread