Re: Wheezy update of krb5?

To: Benjamin Kaduk <kaduk@mit.edu>
Cc: debian-lts@lists.debian.org, Sam Hartman <hartmans@debian.org>
Subject: Re: Wheezy update of krb5?
From: Guido Günther <agx@sigxcpu.org>
Date: Tue, 25 Jul 2017 07:48:59 +0200
Message-id: <[🔎] 20170725054859.ubet5e7u3xaj5r7o@bogon.m.sigxcpu.org>
Mail-followup-to: Guido Günther <agx@sigxcpu.org>, Benjamin Kaduk <kaduk@mit.edu>, debian-lts@lists.debian.org, Sam Hartman <hartmans@debian.org>
In-reply-to: <[🔎] 20170724201727.GG17639@kduck.kaduk.org>
References: <[🔎] 20170722164725.v5pif6qclempqomv@bogon.m.sigxcpu.org> <[🔎] 20170724201727.GG17639@kduck.kaduk.org>

Hi Ben,
On Mon, Jul 24, 2017 at 03:17:27PM -0500, Benjamin Kaduk wrote:
> On Sat, Jul 22, 2017 at 06:47:25PM +0200, Guido Günther wrote:
> > Dear maintainer(s),
> > 
> > The Debian LTS team would like to fix the security issues which are
> > currently open in the Wheezy version of krb5:
> > https://security-tracker.debian.org/tracker/CVE-2017-11368
> 
> You may be interested to note the commentary on #869260 that questions
> whether a DSA is needed for this bug, as it is just a potential NULL
> dereference, and we've had a few of those that did not merit DSAs.

Thanks for the update. We don't have stable point releases where we
could aggregate minor issues for wheezy atm. So I think we should issue
a DLA.
Cheers,
 -- Guido

Reply to:

Follow-Ups:
- Re: Wheezy update of krb5?
  - From: Sam Hartman <hartmans@debian.org>

References:
- Wheezy update of krb5?
  - From: Guido Günther <agx@sigxcpu.org>
- Re: Wheezy update of krb5?
  - From: Benjamin Kaduk <kaduk@mit.edu>

Prev by Date: Re: Wheezy update of krb5?
Next by Date: Need to upgrade to jessie need help
Previous by thread: Re: Wheezy update of krb5?
Next by thread: Re: Wheezy update of krb5?
Index(es):
- Date
- Thread