Apply by doing: cd /usr/src patch -p0 < 008_kerberos.patch Rebuild and install the Kerberos 5 library: cd lib/libkrb5 make obj make depend make make install And then rebuild and install the Kerberos 5 KDC: cd ../../kerberosV/libexec/kdc make obj make depend make make install Index: kerberosV/src/lib/krb5/crypto.c =================================================================== RCS file: /cvs/src/kerberosV/src/lib/krb5/crypto.c,v retrieving revision 1.10 diff -p -u -p -u -r1.10 crypto.c --- kerberosV/src/lib/krb5/crypto.c 6 Oct 2006 07:09:10 -0000 1.10 +++ kerberosV/src/lib/krb5/crypto.c 30 Mar 2010 17:29:13 -0000 @@ -3451,6 +3451,12 @@ decrypt_internal_derived(krb5_context co return KRB5_BAD_MSIZE; } + if (len < checksum_sz + et->confoundersize) { + krb5_set_error_string(context, "Encrypted data shorter then " + "checksum + confunder"); + return KRB5_BAD_MSIZE; + } + p = malloc(len); if(len != 0 && p == NULL) { krb5_set_error_string(context, "malloc: out of memory"); @@ -3525,6 +3531,13 @@ decrypt_internal(krb5_context context, } checksum_sz = CHECKSUMSIZE(et->checksum); + + if (len < checksum_sz + et->confoundersize) { + krb5_set_error_string(context, "Encrypted data shorter then " + "checksum + confunder"); + return KRB5_BAD_MSIZE; + } + p = malloc(len); if(len != 0 && p == NULL) { krb5_set_error_string(context, "malloc: out of memory"); @@ -3587,6 +3600,12 @@ decrypt_internal_special(krb5_context co if ((len % et->padsize) != 0) { krb5_clear_error_string(context); + return KRB5_BAD_MSIZE; + } + + if (len < cksum_sz + et->confoundersize) { + krb5_set_error_string(context, "Encrypted data shorter then " + "checksum + confunder"); return KRB5_BAD_MSIZE; }
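Review bot: The new length guard before `p = malloc(len);` in decrypt_internal_derived has no comment naming the invariant it establishes, and the same uncommented check is repeated in decrypt_internal and decrypt_internal_special. I would put above each one something like `/* reject input too short to hold checksum + confounder before any length arithmetic on len */`; this assumes the code after the hunk subtracts those sizes from `len`, which is not visible here. The error text also carries two typos in all three hunks: `"Encrypted data shorter than "` and `"checksum + confounder");` would make the message easier to search for in KDC logs. The function body starts and ends outside the hunk.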
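Review bot: In decrypt_internal_special the new short-input branch sets an error string, while the pad-size branch directly above it calls `krb5_clear_error_string(context)`, yet both return KRB5_BAD_MSIZE. Someone reading logs therefore gets a reason for one malformed-length case and none for the other. If that difference is intended, a comment on the new branch such as `/* unlike the pad-size check above, this path records why the length was rejected */` would say so. The check also reads `cksum_sz`, whose assignment lies outside the hunk, so it is worth confirming it is set before this point on every path.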