Author: gilbert-guest Date: 2011-09-05 05:38:05 +0000 (Mon, 05 Sep 2011) New Revision: 17170 Modified: data/CVE/list Log: krb5 kadmind issue was fixed in the proposed-update a while back Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-09-05 05:17:53 UTC (rev 17169) +++ data/CVE/list 2011-09-05 05:38:05 UTC (rev 17170) @@ -8455,6 +8455,8 @@ NOTE: CVE ID requested CVE-2011-0285 (The process_chpw_request function in schpw.c in the password-changing ...) - krb5 1.9.1+dfsg-1 (bug #622681) + [squeeze] - krb5 1.8.3+dfsg-4squeeze1 + [lenny] - krb5 <not-affected> (see below) NOTE: 1.6 is not affected: While the error case in the process_chpw_request() NOTE: in kadmind in 1.6 can leave the data pointer uninitialized, the error NOTE: path in its caller will not free() that pointer (the invalid pointer