A vulnerability was discovered and corrected in krb5:

The MIT Kerberos 5 Key Distribution Center (KDC) daemon is vulnerable
to a double-free condition if the Public Key Cryptography for Initial
Authentication (PKINIT) capability is enabled, resulting in daemon
crash or arbitrary code execution (which is believed to be difficult)
(CVE-2011-0284).

The updated packages have been patched to correct this issue.