On Wed, 6 Nov 2013, Salvatore Bonaccorso wrote:
Package: krb5
Severity: grave
Tags: security upstream patch
Hi,
the following vulnerability was published for krb5.
CVE-2013-1418[0]:
multi-realm KDC null dereference leads to crash
[Puts on upstream hat]
Note that we believe it to be very uncommon for a single KDC to be serving
multiple realms. I can't say whether that affects the assignment of
severity 'grave' or not, though.
-Ben Kaduk
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
