This bug was fixed in the package pykerberos - 1.1+svn10616-2ubuntu0.1 --------------- pykerberos (1.1+svn10616-2ubuntu0.1) trusty-security; urgency=medium
* SECURITY UPDATE: The checkPassword function does not authenticate the KDC it attempts to communicate with (LP: #1716429) - Add-KDC-authenticity-verification-support-CVE-2015-3206.patch retrieved from xenial version (1.1.5-2build1). - CVE-2015-3206 - debian/NEWS: add explanation of issue and default chosen -- Mathieu Lafon <mla...@gmail.com> Thu, 05 Oct 2017 09:32:55 +0200 ** Changed in: pykerberos (Ubuntu Trusty) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1716429 Title: pykerberos for trusty does not include CVE-2015-3206 fix To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pykerberos/+bug/1716429/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs