[Git][security-tracker-team/security-tracker][master] Reserve DLA-4195-1 for krb5

Bastien Roucariès (@rouca) rouca at debian.org
Fri May 30 16:08:45 BST 2025 


Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dd145aea by Bastien Roucariès at 2025-05-30T17:08:34+02:00
Reserve DLA-4195-1 for krb5

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 May 2025] DLA-4195-1 krb5 - security update
+	{CVE-2025-3576}
+	[bullseye] - krb5 1.18.3-6+deb11u7
 [30 May 2025] DLA-4194-1 thunderbird - security update
 	{CVE-2025-4918 CVE-2025-4919 CVE-2025-5263 CVE-2025-5264 CVE-2025-5266 CVE-2025-5267 CVE-2025-5268 CVE-2025-5269 CVE-2025-5283}
 	[bullseye] - thunderbird 1:128.11.0esr-1~deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -169,13 +169,6 @@ knot-resolver (eamanu)
   NOTE: 20250506: Writting to upstream to get a PoC to reproduce open CVEs.
   NOTE: 20250522: Processing some tips received by upstream to try to reproduce CVE. Still working on the patches.
 --
-krb5 (rouca)
-  NOTE: 20250422: Added by Front-Desk (rouca)
-  NOTE: 20250422: Backporting knob allow_des3 and allow_rc4 variables in [libdefaults] may be suffisant (rouca)
-  NOTE: 20250504: Bookworm PU on review (rouca)
-  NOTE: 20250527: Bookworm PU released (rouca)
-  NOTE: 20250527: Use default no for knob for bullseye. Wait for review (rouca)
---
 libmojolicious-perl (Sean Whitton)
   NOTE: 20250506: Added by Front-Desk (Beuc)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd145aea95b7f01f0317a0bdb23085b1e0311eea

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd145aea95b7f01f0317a0bdb23085b1e0311eea
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250530/9bbd9b76/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list