-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 01 Jul 2024 13:40:03 -0600
Source: krb5
Binary: krb5-doc krb5-locales
Architecture: all
Version: 1.18.3-6+deb11u5
Distribution: bullseye-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02) <buildd_amd64-x86-conova-02@buildd.debian.org>
Changed-By: Sam Hartman <hartmans@debian.org>
Description:
 krb5-doc   - documentation for MIT Kerberos
 krb5-locales - internationalization support for MIT Kerberos
Changes:
 krb5 (1.18.3-6+deb11u5) bullseye-security; urgency=high
 .
   * CVE-2024-37370: an unauthenticated attacker can modify the
     extra count in an RFC 4121 GSS token, causing the token to appear
     truncated.
   * CVE-2024-37371: an attacker can cause invalid memory reads by
     sending an invalid GSS token.
Checksums-Sha1:
 a0cdf13185cacf8f7935e08004d5450b48cacc49 2372612 krb5-doc_1.18.3-6+deb11u5_all.deb
 c50dfbd353cb688fc5dba8d09c01794a989ff761 95704 krb5-locales_1.18.3-6+deb11u5_all.deb
 d99450c0db4e8a8eb335ed9f6c4bad8cc74d8a82 11890 krb5_1.18.3-6+deb11u5_all-buildd.buildinfo
Checksums-Sha256:
 6e1b89431c5c9502c4de04029f8817dcf8afbfec15ac01f74fa0d6cd6082c8a8 2372612 krb5-doc_1.18.3-6+deb11u5_all.deb
 e7312ab89e98003b8bae17e63fdc1f2f1faf82c993a34730ab62091ba437468f 95704 krb5-locales_1.18.3-6+deb11u5_all.deb
 39374e2366eb162745e5d196810da28d38c525c5b5caa15fbb62a87182561557 11890 krb5_1.18.3-6+deb11u5_all-buildd.buildinfo
Files:
 8656d70925aa11f38bdc6a1b4d4e5f27 2372612 doc optional krb5-doc_1.18.3-6+deb11u5_all.deb
 52dcd46092ecea6d39e7a27eeb42e631 95704 localization optional krb5-locales_1.18.3-6+deb11u5_all.deb
 a2039925c4885da5a45feedb0adb688f 11890 net optional krb5_1.18.3-6+deb11u5_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEErEDrIdpJkzFMm6K+PyQET5WCY90FAmaDG+kACgkQPyQET5WC
Y91vHw//Q5oE8W2gCbKiSc9E3n/why4LQcqS3lhXVaPx6fLPHGCX/U08JRMPKgp3
hrPpX99O5QjUVSQRpSP9o24c8FtrQffLjeb9qTV89bSr+9hQh/SV6FWwA6m6QyAK
81it5y70TrzTKBfEmdg6VJev3CUHW+1rJj1ta5ntdfv/7BJyAkb9Ip9O+M2y0bme
mv+Lw04Y9pBIm5GsnZzfJu3+bLGR8g3CJFpq6EHdWrnX1HGxGCjK7gjJf6YuzCo8
NuCh8blG0Grm8cdbPKKqI4w9oNj5yZSSe4EGkmlcIxEZRxNu4v91kRMkdMo0hzyi
OOzZ6bGaOpNP5xpb9AqJQXEUWSuLhaRmkE439mePfVD+dX49oHKUre4HueZBHcRK
yk7Edv6C3DSAehPGEPaxY9lJnbDR48wVm4ZRqEFRK6maz/2ppZWfZHhD7W/PnjtW
ClU1HaVc0AEimbswBP3buaHYqzXY5w9JGDzOCi1WFny9v+jK0cc7QnEcoUddebOc
j2Qvt2qtak1b0zDiwsk8WJoxh8HOLHQgYk0oFuPPiOj/iV+kbehl/X6RL8+/17t8
+51TjbzKNw0W0TGMJ018RkGQ/+OpAHrCzAaRs51yvd6BDXMZC3TI941GKzj+VMdz
VXlxucfQBNW8nOmA85pbPEmo0Xw0mpMnsj7iz/Y1Q1EE02CsPgA=
=pbFf
-----END PGP SIGNATURE-----