control: severity -1 important
Salvatore> The following vulnerability was published for krb5.
Salvatore> CVE-2021-36222[0]: | sending a request containing a
Salvatore> PA-ENCRYPTED-CHALLENGE padata element | without using
Salvatore> FAST could result in null dereference in the KDC which |
Salvatore> leads to DoS
On a Debian system with systemd, the KDC will restart, significantly
limiting the impact of this bug.
I'm going to argue for important, although if you want to push to
serious, I won't fight it.
I'm busy with Family obligat scattered throughout the day ions, but it sounded
like Benjamin Kaduk
might be available to help.
If not, I'll have some time and be back to general availability by
Sunday.
--Sam
