Source: pykerberos Severity: important Tags: security CVE-2015-3206 was assigned to the fact that pykerberos doesn't validate the authenticity of the KDC in checkPassword(). Fix is here: https://github.com/02strich/pykerberos/commit/02d13860b25fab58e739f0e000bed0067b7c6f9c.patch
For unstable we should probably enable it by default and keep
the status quo for earlier releases.
Cheers,
Moritz
