Hrm, the debdiff includes: ++ const int verify = 1;
This patch from upstream removed the 'const': https://github.com/02strich/pykerberos/commit/873fca96cb42ff1c163859a5618dc9983796f438 The commit message includes this "gcc didn't respect the const qualifiers, however" -- I'm not sure I like relying upon a whim of gcc for this. This debdiff does grab the ssss|b vs ssssb change though. Does anything ever want verify = false? Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1716429 Title: pykerberos for trusty does not include CVE-2015-3206 fix To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pykerberos/+bug/1716429/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs