[Bug 122907] Re: Please sync krb5 (main) from Debian unstable (main)

Thu Jun 28 22:50:33 BST 2007

 krb5 (1.6.dfsg.1-5) unstable; urgency=emergency
 .
   * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized
     pointer or write past the end of a stack buffer.  This may lead to
     execution of arbitrary code.  (CVE-2007-2442, CVE-2007-2443)
   * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that
     may lead to execution of arbitrary code.  (CVE-2007-2798)

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-2442

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-2443

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-2798

-- 
Please sync krb5 (main) from Debian unstable (main)
https://bugs.launchpad.net/bugs/122907
You received this bug notification because you are a member of Ubuntu
Package Archive Administrators, which is a direct subscriber.