Hi Sam, On Mon, Jul 24, 2017 at 02:09:06PM -0400, Sam Hartman wrote: > Actually, on that note, why does this bug merit a DSA? > It like the other bugs is a simple KDC crash from an authenticated > attacker. > It seems like it should be handled the same.
Yes indeed we can handle it the same. I just have marked it as no-dsa for stretch and jessie. Might any of you have time to prepare an update for an upcoming point release and propose the update to the stable release managers? https://www.debian.org/doc/manuals/developers-reference/ch05.en.html#upload-stable Regards, Salvatore
