source: krb5 source-version: 1.8.3+dfsg-4squeeze6 I expect the security team will be issuing a DSA within a couple of days. Also, for unstable, fixed in 1.10.1+dfsg-2
The uploads happened before you opened the bug so they are not reflected in the changelog. Note that squeeze is vulnerable only to one of the two CVEs. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org