On which patch do you expect me to add DEP-3 header? Is it the debdiff or the included patch (Add-KDC-authenticity-verification-support-CVE-2015-3206.patch)?
Regarding upstream, the patch has been included in 1.1.6 and updated in 1.1.10 regarding the 'verify' option (should have been optional but it was not the case in the first patch).
Regarding the ubuntu versions:
* precise: based on 1.1+svn4895, patch included
* trusty: based on 1.1+svn10616, patch *not* included
* vivid: based on 1.1.5, patch *not* included
* xenial: based on 1.1.5, patch included (updated with second fix)
* zesty: based on 1.1.5, patch included (updated with second fix)
* artful: based on 1.1.5, patch included (updated with second fix)
So only trusty and vivid lack the security patch. I don't know if there's a need to patch vivid as it has already reached EOL.
Hello Simon,
On which patch do you expect me to add DEP-3 header? Is it the debdiff or the included patch (Add-KDC- authenticity- verification- support- CVE-2015- 3206.patch) ?
Regarding upstream, the patch has been included in 1.1.6 and updated in 1.1.10 regarding the 'verify' option (should have been optional but it was not the case in the first patch).
Ref: /github. com/02strich/ pykerberos/ commit/ 02d13860b25fab5 8e739f0e000bed0 067b7c6f9c /github. com/02strich/ pykerberos/ commit/ 5867201f1b9c682 402aa9b495a654b 8f346c8784
* https:/
* https:/
Regarding the ubuntu versions:
* precise: based on 1.1+svn4895, patch included
* trusty: based on 1.1+svn10616, patch *not* included
* vivid: based on 1.1.5, patch *not* included
* xenial: based on 1.1.5, patch included (updated with second fix)
* zesty: based on 1.1.5, patch included (updated with second fix)
* artful: based on 1.1.5, patch included (updated with second fix)
So only trusty and vivid lack the security patch. I don't know if there's a need to patch vivid as it has already reached EOL.