add candidate patch to correct KDC null pointer dereference which
could be triggered by malformed client requests (CVE-2010-1321, #583703)
[1.6.1-36.el5_5.3]
add upstream patch to fix a few use-after-free bugs, including one in
kadmind (CVE-2010-0629, #578185)