On Sat, Sep 20, 2014 at 12:24 PM, Julien Cristau wrote: > On Thu, Apr 25, 2013 at 15:53:40 -0400, Benjamin Kaduk wrote: > >> Hi all, >> >> I've been working with hartmans to get some updates to krb5 into Debian (he >> is pretty busy these days, and I'm at upstream). A couple of issues are >> serious enough that I think they merit being fixed in stable: >> >> #704775 - KDC crash by authenticated user with unmodified client tools >> #704647 - use of reverse DNS cannot be disabled, which breaks many >> configurations >> >> CVE-2013-1415 (KDC null pointer dereference with PKINIT) was not assigned a >> Debian bug number because we imported the fix right away. It is less >> serious than #704775, but the patch is very small and it seemed worth >> including if an upload was to happen. >> >> These patches are all taken from upstream, and are already in wheezy. >> >> Per the quoted mail below (from #704775), Sam is prepared to upload the >> attached debdiff given SRM approval. >> > Hi Benjamin, > > I'm really sorry we didn't reply to this mail in anywhere close to a > reasonable time. As squeeze is now EOL I guess this is now moot. In > the future, please open bugs against the release.debian.org > pseudo-package for proposed stable or oldstable updates, there's less > chance of something slipping through the cracks that way.
Hi Benjamin, You can do a squeeze LTS upload on your own now. Please see: https://wiki.debian.org/LTS/Development Best wishes, Mike -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/CANTw=motkzfmjb8wwwt1ldahgswx4kujs-uay_duckraimy...@mail.gmail.com
