From 210740c63e59d4ad1c2e1352139677b9b5f568f1 Mon Sep 17 00:00:00 2001
From: Adrian Bunk <bunk@debian.org>
Date: Thu, 30 Sep 2021 23:02:37 +0300
Subject: Reserve DLA-2771-1 for krb5

---
 data/CVE/list       | 3 ---
 data/DLA/list       | 3 +++
 data/dla-needed.txt | 3 ---
 3 files changed, 3 insertions(+), 6 deletions(-)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index 73ebc43d38..410f6d1c52 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -182665,7 +182665,6 @@ CVE-2018-20218 (An issue was discovered on Teracue ENC-400 devices with firmware
 CVE-2018-20217 (A Reachable Assertion issue was discovered in the KDC in MIT Kerberos  ...)
 	{DLA-1643-1}
 	- krb5 1.16.2-1 (low; bug #917387)
-	[stretch] - krb5 <no-dsa> (Minor issue)
 	NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763
 	NOTE: https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086
 CVE-2018-20216 (QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c becaus ...)
@@ -230068,13 +230067,11 @@ CVE-2018-5731 (An issue was discovered in Heimdal PRO 2.2.190. As part of the sc
 CVE-2018-5730 (MIT krb5 1.6 or later allows an authenticated kadmin with permission t ...)
 	{DLA-1643-1}
 	- krb5 1.16.1-1 (bug #891869)
-	[stretch] - krb5 <no-dsa> (Minor issue)
 	[wheezy] - krb5 <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
 CVE-2018-5729 (MIT krb5 1.6 or later allows an authenticated kadmin with permission t ...)
 	{DLA-1643-1}
 	- krb5 1.16.1-1 (bug #891869)
-	[stretch] - krb5 <no-dsa> (Minor issue)
 	[wheezy] - krb5 <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
 CVE-2018-5728 (Cobham Sea Tel 121 build 222701 devices allow remote attackers to obta ...)
diff --git a/data/DLA/list b/data/DLA/list
index 57ea2d07df..481a42262f 100644
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -1,3 +1,6 @@
+[30 Sep 2021] DLA-2771-1 krb5 - security update
+	{CVE-2018-5729 CVE-2018-5730 CVE-2018-20217 CVE-2021-37750}
+	[stretch] - krb5 1.15-1+deb9u3
 [30 Sep 2021] DLA-2770-1 weechat - security update
 	{CVE-2020-8955 CVE-2020-9759 CVE-2020-9760 CVE-2021-40516}
 	[stretch] - weechat 1.6-1+deb9u3
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index 7e69a98fee..aeaa1e0cdf 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -51,9 +51,6 @@ firmware-nonfree
 --
 jsoup (Markus Koschany)
 --
-krb5 (Adrian Bunk)
-  NOTE: 20210905: testing fixes
---
 linux (Ben Hutchings)
 --
 linux-4.19 (Ben Hutchings)
-- 
cgit v1.2.3