Re: [SRM] krb5 changelog missing CVE

[Florian Weimer <fw@deneb.enyo.de>]

* Philipp Kern:

> On Wed, Jan 04, 2012 at 07:48:27AM +0100, Florian Weimer wrote:
>> * Adam D. Barratt:
>> > Apologies if I'm missing something, but if the packages are already in
>> > the queue on security-master, wouldn't it be simpler (and possibly more
>> > logical) to release them from there?  Hmmm, looking at the tracker,
>> > maybe because they're "just" DoS issues?
>> Yes, and we'd have to deal with lenny in some way.
>
> Why is that, given that according to the tracker, lenny isn't even
> affected?  I'd appreciate a fix for a remote DoS of a network service
> through security, to be honest.

Oh well, squeeze-security it is.