Source: heimdal Version: 7.8.git20221117.28daf24+dfsg-1 Severity: grave Tags: upstream Forwarded: https://www.openwall.com/lists/oss-security/2023/02/08/1
Hi, Debian's heimdal is also vulnerable to CVE-2022-45142. Refer to the openwall publication for details. Note that this vulnerability only applies to heimdal's maintenance branches and never affected its main development branch. It can be fixed either by applying the patch or by moving to the development branch. Salvatore will be issuing a DSA today. I'll be taking care of older releases. Helmut
