Leo Famulari <l...@famulari.name> writes: > These are upstream patches, also applied by Debian: > https://security-tracker.debian.org/tracker/CVE-2015-8629
Thanks for this, but I already updated mit-krb5 and applied fixes for these CVEs on the new 'security-updates' branch about 17 hours ago. I'm sorry that your effort was wasted. Mark