Package: src:krb5 Version: 1.10.1+dfsg-4 Severity: serious Tags: security Dear kerberos maintainers,
I noticed that your recent upload of 1.10.1+dfsg-4 fixed CVE-2013-1415, but it does not say anything about CVE-2012-1016. Those two vulnerabilities were fixed in the same upstream release 1.10.4. Could you have a look at whether this particular issue CVE-2012-1016 affects us and downgrade or close this bug as appropriate? Helmut -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
