A krb5 security update has been released for Debian GNU/Linux 8 and 9 Extended LTS to address a potential freeing of an uninitialized pointer.
ELA-987-1 krb5 security update
Package : krb5
Version : 1.12.1+dfsg-19+deb8u8 (jessie), 1.15-1+deb9u5 (stretch)
Related CVEs :
CVE-2023-36054
Potential freeing of an uninitialized pointer in kadm_rpc_xdr.c
was fixed in krb5, the MIT implementation of the Kerberos network
authentication protocol.