The pam_krb5 1.x module calls various des functions from the Kerberos 5 libdes425 library when obtaining initial v4 credentials. On 64-bit architectures, applications which link with OpenSSL's libcrypto pull in a different implementation of these functions which expect arguments to have sizes which differ from those allocated by the pam_krb5 module, and the application may crash when pam_krb5 calls these functions. This incompatibility affects 64-bit platforms on which DES_INT was not defined at compile-time for OpenSSL.
Because changing either library to match the other would break its ABI, I think the best we can do for now is to work around this in pam_krb5.
An errata has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2004-241.html