Multiple vulnerabilities has been found and corrected in krb5: The krb5_ldap_lockout_audit function in the Key Distribution Center in MIT Kerberos 5 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service via unspecified vectors, related to the locked_check_p function . The lookup_lockout_policy function in the Key Distribution Center in MIT Kerberos 5 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 or LDAP back end is used, allows remote attackers to cause a denial of service via vectors that trigger certain process_as_req errors . The updated packages have been patched to correct these issues.