[Secure-testing-team] Bug#768408: python-requests-kerberos: CVE-2014-8650: failure to handle mutual authentication
Salvatore Bonaccorso
carnil at debian.org
Fri Nov 7 09:13:09 UTC 2014
Source: python-requests-kerberos
Version: 0.5-1
Severity: grave
Tags: security upstream patch fixed-upstream
Hi,
the following vulnerability was published for python-requests-kerberos.
CVE-2014-8650[0]:
does not handle mutual authentication
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2014-8650
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1160540
[2] https://github.com/mkomitee/requests-kerberos/commit/9c1e08cc17bb6950455a85d33d391ecd2bce6eb6
Regards,
Salvatore
More information about the Secure-testing-team
mailing list