krb5 has been updated to fix four security issues:
* CVE-2014-5352: gss_process_context_token() incorrectly frees context
(bsc#912002)
* CVE-2014-9421: kadmind doubly frees partial deserialization results
(bsc#912002)
* CVE-2014-9422: kadmind incorrectly validates server principal name
(bsc#912002)
* CVE-2014-9423: libgssrpc server applications leak uninitialized
bytes (bsc#912002)
Additionally, these non-security issues have been fixed:
* Winbind process hangs indefinitely without DC. (bsc#872912)
* Hanging winbind processes. (bsc#906557)
Security Issues:
* CVE-2014-5352
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352</a>>
* CVE-2014-9421
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421</a>>
* CVE-2014-9422
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422</a>>
* CVE-2014-9423
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423</a>>