Package: libgssapi-krb5-2 Version: 1.10.1+dfsg-5+deb7u1
Upstream has committed a fix for CVE-2014-4343 to their git repo; we should take it as well, and probably push it back into the -security repos for stable.
It's a double-free in clients, but not the default configuration. I should be able to get the patch into git later today. Sam, are you going to be too busy with IETF to do the upload? -Ben -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
