`pkg audit` erroneously reports krb5-1.20.2 as vulnerable to CVE-2023-39975 but this applies only to 1.21 and higher. Fix: adjust VuXML entry a6986f0f-3ac0-11ee-9a88-206a8a720317 to exclude krb5 < 1.21.
Hello, is anyone actually monitoring bugzilla any more?