MIT notified us of a kadmind uninitialized pointer. Will be public on 04 September 2007, at 14:00 US/Eastern time. This issue has not been triaged as it may well affect recent RHEL distributions with a different severity (flaw type is likely caught by fortify_source)
Created attachment 160739 [details] proposed patch from MIT
now public at http://web.mit.edu/Kerberos/advisories/ removing embargo
This issue was addressed in: Red Hat Enterprise Linux: http://rhn.redhat.com/errata/RHSA-2007-0858.html