On 2026-06-17 21:42, Sam Hartman wrote:
> control: severity -1 minor
>
>
> >>>>> "Moritz" == Moritz Mühlenhoff <[email protected]> writes:
>
> Moritz> bounds read. The attack vector involves a malicious or
> Moritz> compromised | LDAP KDB backend returning a krbExtraData
> Moritz> attribute with bv_len < 2, | triggering the underflow when
> Moritz> the KDC or kadmind reads principal | data.
>
> The KDB backend (ldap or otherwise) is fully within the trusted
> computing base of a Kerberos plus LDAP deployment.
> This is not a security bug.
> I've included the MR for this, but prefer not to see this NMUed; I'll
> include in unstable soon.
> Absolutely not worth fixing for stable.

Thank you very much for the feedback!
--
cheers,
Emmanuel Arias
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ [email protected]
⢿⡄⠘⠷⠚⠋⠀ OpenPGP: 13796755BBC72BB8ABE2AEB5 FA9DEC5DE11C63F1
⠈⠳⣄