On Wed, Jan 10, 2007 at 12:15:41PM -0800, Russ Allbery wrote:
> Marc 'HE' Brockschmidt <he@ftwca.de> writes:
> > Sam Hartman <hartmans@debian.org>, Sam Hartman <hartmans@mit.edu>
> > writes:
> >> krb5 1.4.4-6 fixes mit-sa-2006-2 (see
> >> http://web.mit.edu/kerberos/advisories/ ) which is a fairly serious
> >> bug found through a mostly unrelated problem.
>
> > What's with mit-sa-2006-03 (CVE-2006-6144)? I have no idea about krb, so
> > please forgive me if that question is too stupid :)
>
> It only affects 1.5 and later.
>
For info, the tracking information we use is at:
http://security-tracker.debian.net/tracker/CVE-2006-6143
http://security-tracker.debian.net/tracker/CVE-2006-6144
Testing is vulnerable to CVE-2006-6143, and I reccomend this package for
unblock.
Thanks,
Neil
--
<Tincho> 'Maybe you can try to find a nice hotel by shouting in the Mexico DF
streets "where could a gringo find a decent hotel in this dirty third
world lame excuse for a country?". I'm sure the people will rush to help
you, as we south americans love to be called third world in a demeaning way.'
Attachment:
signature.asc
Description: Digital signature