File _patchinfo of Package patchinfo.18258

<patchinfo incident="18258">
  <issue tracker="cve" id="2019-25018"/>
  <issue tracker="cve" id="2019-25017"/>
  <issue tracker="bnc" id="1131109">VUL-0: CVE-2019-25017,CVE-2019-25018: krb5-appl: affects krb5-appl kerberized rcp (related to CVE-2019-6111)</issue>
  <packager>scabrero</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for krb5-appl</summary>
  <description>This update for krb5-appl fixes the following issues:

- CVE-2019-25017: Check the filenames sent by the server match those requested by the client (bsc#1131109).
- CVE-2019-25018: Disallow empty incoming filename or ones that refer to the current directory (bsc#1131109).
</description>
</patchinfo>