Comment 11 for bug 1716429

This bug was fixed in the package pykerberos - 1.1+svn10616-2ubuntu0.1

---------------
pykerberos (1.1+svn10616-2ubuntu0.1) trusty-security; urgency=medium

  * SECURITY UPDATE: The checkPassword function does not authenticate the
    KDC it attempts to communicate with (LP: #1716429)
    - Add-KDC-authenticity-verification-support-CVE-2015-3206.patch
      retrieved from xenial version (1.1.5-2build1).
    - CVE-2015-3206
    - debian/NEWS: add explanation of issue and default chosen

 -- Mathieu Lafon <email address hidden> Thu, 05 Oct 2017 09:32:55 +0200