krb5 (1.6.dfsg.1-5) unstable; urgency=emergency
.
* MIT-SA-2007-4: The kadmin RPC library can free an uninitialized
pointer or write past the end of a stack buffer. This may lead to
execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443)
* MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that
may lead to execution of arbitrary code. (CVE-2007-2798)
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-2442
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-2443
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-2798
--
Please sync krb5 (main) from Debian unstable (main)
https://bugs.launchpad.net/bugs/122907
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
