Bug#813126: krb5: Memory leak caused by supplying a null principal name in request

Source: krb5 Version: 1.10.1+dfsg-1 Severity: grave Tags: security upstream patch Hi, the following vulnerability was published for krb5. CVE-2015-8631[0]: Memory leak caused by supplying a null principal name in request If you fix the vulnerability please also make sure to include the CVE

Bug#813126: krb5: Memory leak caused by supplying a null principal name in request

How can a memory leak be grave?

Bug#813126: krb5: Memory leak caused by supplying a null principal name in request

Control: severity -1 important Hi Sam, On Fri, Jan 29, 2016 at 11:58:49AM -0500, Sam Hartman wrote: > How can a memory leak be grave? Thanks for your comment; you are right, severity grave is overrated here and I just downgraded it to important. Regards, Salvatore

Processed: Re: Bug#813126: krb5: Memory leak caused by supplying a null principal name in request

Processing control commands: > severity -1 important Bug #813126 [src:krb5] krb5: CVE-2015-8631: Memory leak caused by supplying a null principal name in request Severity set to 'important' from 'grave' -- 813126: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813126 Debian Bug Tracking