Bug#773228: CVE-2014-5354: kadmin crashes on keyless principals

2014-12-15 Thread Benjamin Kaduk
[removing submit@] On Mon, 15 Dec 2014, Sam Hartman wrote: > control: severity -1 important > > It might be worth getting these two into jessie if the release team is > willing. I think pre-approved fixes are valid until January 5 and so > we should figure out how to get pre-approval if you agr

Bug#773228: CVE-2014-5354: kadmin crashes on keyless principals

2014-12-15 Thread Sam Hartman
control: severity -1 important It might be worth getting these two into jessie if the release team is willing. I think pre-approved fixes are valid until January 5 and so we should figure out how to get pre-approval if you agree. --sam

Bug#773228: CVE-2014-5354: kadmin crashes on keyless principals

2014-12-15 Thread Benjamin Kaduk
package: krb5-kdc-ldap version: 1.12.1+dfsg-15 tags: security pending Upstream has patched CVE-2014-5354: In MIT krb5, when kadmind is configured to use LDAP for the KDC database, an authenticated remote attacker can cause a NULL dereference by inserting into the database a principal