Control: severity - 1 important Hi Benjamin,
On Wed, Nov 06, 2013 at 01:28:36PM -0500, Benjamin Kaduk wrote: > On Wed, 6 Nov 2013, Salvatore Bonaccorso wrote: > > >Package: krb5 > >Severity: grave > >Tags: security upstream patch > > > >Hi, > > > >the following vulnerability was published for krb5. > > > >CVE-2013-1418[0]: > >multi-realm KDC null dereference leads to crash > > [Puts on upstream hat] > Note that we believe it to be very uncommon for a single KDC to be > serving multiple realms. I can't say whether that affects the > assignment of severity 'grave' or not, though. Apologies for the late reply, I missed your update. Thanks for confirming this from upstream point of view. I'm lowering the severity to 'important'. Thanks and regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
