[Secure-testing-commits] r17170 - data/CVE

Michael Gilbert Sun, 04 Sep 2011 22:38:16 -0700

Author: gilbert-guest
Date: 2011-09-05 05:38:05 +0000 (Mon, 05 Sep 2011)
New Revision: 17170


Modified:
   data/CVE/list
Log:
krb5 kadmind issue was fixed in the proposed-update a while back

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2011-09-05 05:17:53 UTC (rev 17169)
+++ data/CVE/list       2011-09-05 05:38:05 UTC (rev 17170)
@@ -8455,6 +8455,8 @@
        NOTE: CVE ID requested
 CVE-2011-0285 (The process_chpw_request function in schpw.c in the 
password-changing ...)
        - krb5 1.9.1+dfsg-1 (bug #622681)
+       [squeeze] - krb5 1.8.3+dfsg-4squeeze1
+       [lenny] - krb5 <not-affected> (see below)
        NOTE: 1.6 is not affected: While the error case in the 
process_chpw_request()
        NOTE: in kadmind in 1.6 can leave the data pointer uninitialized, the 
error
        NOTE: path in its caller will not free() that pointer (the invalid 
pointer


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r17170 - data/CVE

Reply via email to