This update for krb5-appl fixes the following issues: - CVE-2019-25017: Check the filenames sent by the server match those requested by the client . - CVE-2019-25018: Disallow empty incoming filename or ones that refer to the current directory .