-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3626-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk October 22, 2023 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : krb5 Version : 1.17-3+deb10u6 CVE ID : CVE-2023-36054 Debian Bug : 1043431 Potential freeing of an uninitialized pointer in kadm_rpc_xdr.c was fixed in krb5, the MIT implementation of the Kerberos network authentication protocol. For Debian 10 buster, this problem has been fixed in version 1.17-3+deb10u6. We recommend that you upgrade your krb5 packages. For the detailed security status of krb5 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/krb5 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmU1iw4ACgkQiNJCh6LY mLGWpg//edsxfJgl+SQnNIY1p1jr05MJBQ/y0YQ9Gh44AM6BvkwOdrZK5haCx83z VzYyJ3f95rY3fkdoC6E0uh5Q68mVfLpN7+gMiYRQ9QOj59hFrxr6d/b13AnnE5GG +YvP1lWXianKKxg0AI6mLbRBKYsrPXv+UyIT49fRycJX+Ia9VJc4xAzT5nQQ5jUe T1FpypluuIBoHAl+dHB1HHEaeBkUmgPtK+Lx3ZcDUgXqlxhcAGYRDTya38lbkT6p pa2C18t23GNwaGi6HzfFn7Fk5o+Uf/q7hkS0msW17yKN5/vA00QcV5uIL7auDrHL JHdmnCmFCAtgK6pop4U3UXWY12ybaj0kgO+ELTPpo7+LQ1sdDQcpZwfpWiDRhWYM htxaUROjjkfLW2JVt/Nj7dfHCyiZCIRsMvhUpI0O/cRW7Rp9Ar9oKw6RGfwELloj G6XDIhY/E6jUwJEkVVDDWtHy0BtgUBhYSOgpjnMy7ududVEJHJc/5JT0XHZHPyvb A3W3fzVvpXEKZULbnbbVrLAUC9v37w27Ywx0B8Po5FpYnyLCzA81Ol+Ci1rq6o0l Qm/Ljh0kMrdUZ0Nrz6uLc6pf4pT942aQba/tMHkjZ473nokiC/E8qevhQOaf0jxM Wv6sd9vg+/WhD8u2VsTMt3ZfzFp7nERkXBiHuOPdf1NaRABP0l4= =ufsH -----END PGP SIGNATURE-----