MITKRB5-SA-2003-001: Multiple vulnerabilities in old releases of MIT Kerberos

Wed Jan 29 13:29:23 EST 2003

>>>>> "Andreas" == Andreas Hasenack <andreas at conectiva.com.br> writes:

    Andreas> Em Tue, Jan 28, 2003 at 04:58:13PM -0500, Ken Raeburn
    Andreas> escreveu: (...)

    >> SUMMARY =======
    >> 
    >> Multiple vulnerabilities have been found in MIT Kerberos 5
    >> releases prior to release 1.2.5.  MIT recommends updating to
    >> 1.2.7 if possible.

    Andreas> Do you realize that version 1.2.7 is still not available
    Andreas> to the rest of the free world?

It is certainly in Debian; the tarball is the same.  Feel free to
check the signature against the MIT release.  We do provide the
signature on the web page.