Content-Type: text/plain; charset=UTF-8
Content-Length: 990

Following patch fixes the problem. The issue can be reproduced by
generating keytab file with multiple encryption types. For example on a
Windows server use ktpass with enctype set to All to generate the keytab
file.

--- /home/seemant/Downloads/krb5-1.14.3/src/lib/krb5/krb/srv_dec_tkt.c
2016-07-20
15:32:50.000000000 -0700
+++ srv_dec_tkt.c 2016-08-22 11:03:32.816586243 -0700
@@ -99,8 +99,11 @@
         retval = KRB5_KT_NOTFOUND;
         while ((code = krb5_kt_next_entry(context, keytab,
                                           &ktent, &cursor)) == 0) {
-            if (ktent.key.enctype != ticket->enc_part.enctype)
+            if (ktent.key.enctype != ticket->enc_part.enctype) {
+                /* We need to free the entry to avoid memory leak */
+                *(void) krb5_free_keytab_entry_contents(context, &ktent);*
                 continue;
+            }

             retval = decrypt_ticket_keyblock(context, &ktent.key, ticket);
             if (retval == 0) {