[Secure-testing-commits] r30767 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Dec 15 20:21:14 UTC 2014
Author: carnil
Date: 2014-12-15 20:21:14 +0000 (Mon, 15 Dec 2014)
New Revision: 30767
Modified:
data/CVE/list
Log:
Add CVE-2014-5353/krb5
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-15 20:21:06 UTC (rev 30766)
+++ data/CVE/list 2014-12-15 20:21:14 UTC (rev 30767)
@@ -10131,7 +10131,10 @@
[wheezy] - krb5 <not-affected> (do not expose a way for principal entries to have no long-term key material)
[squeeze] - krb5 <not-affected> (do not expose a way for principal entries to have no long-term key material)
NOTE: Upstream commit: https://github.com/krb5/krb5/commit/04038bf3633c4b909b5ded3072dc88c8c419bf16
+CVE-2014-5353 [misused policy name crashes KDC]
RESERVED
+ - krb5 <unfixed> (bug #773226)
+ NOTE: Upstream commit: https://github.com/krb5/krb5/commit/d1f707024f1d0af6e54a18885322d70fa15ec4d3
CVE-2014-5352
RESERVED
CVE-2014-5351 (The kadm5_randkey_principal_3 function in ...)
More information about the Secure-testing-commits
mailing list