* Sam Hartman: > Florian Weimer noticed that the krb5 changelog in squeeze was missing a > CVE that was fixed in the patch applied. > He proposes to make a new upload that corrects the changelog so that > people who track security issues from the changelog will find the fix:
Sorry, there seems to be a slight misunderstanding. The changelog was indeed incorrect, but even that upload never made it to the archive. To clarify, we would like to fix the issues described in this announcement: From: Tom Yu <[email protected]> Subject: MITKRB5-SA-2011-006 KDC denial of service vulnerabilities [CVE-2011-1527 CVE-2011-1528 CVE-2011-1529] To: [email protected] Date: Tue, 18 Oct 2011 14:06:02 -0400 Message-ID: <[email protected]> (CVE-2011-1527 does not affect squeeze.) We already have packages built for (all?) 13 architectures. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
