Add CVE for buffer overflow security fix

rra · Mar 29, 2020 · e7879e2 · e7879e2
1 parent 74ef247
commit e7879e2
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/NEWS b/NEWS
@@ -5,6 +5,7 @@ pam-krb5 4.9 (unreleased)
     SECURITY: All previous versions of this module could overflow the
     buffer provided by the underlying Kerberos library for the response to
     a prompt by writing a single nul character past the end of the buffer.
+    (CVE-2020-10595)
 
     Support use_pkinit with MIT Kerberos.  (Debian Bug#871699)