Kerberos implementation should be updated
The kerberos implementation in illumos is based on MIT Kerberos 1.6.3, with some enhancements and modifications. The list of the enhancements and modifications might be found at:
Unfortunately, it is unclear how complete the list is (I failed to find a better list, so this is only what we do have).
The MIT Kerberos 1.6.3 was released in October 2007 and is no longer support by MIT, so there might be some security issues.
Based on that, we should consider to refresh the kerberos implementation and resync it with some newer version of MIT Kerberos.
Updated by Alexander Pyhalov about 6 years ago
There's userland gate kerberos version, perhaps it has most of the necessary patches... https://hg.openindiana.org/upstream/oracle/userland-gate/file/9719142d2b5d/components/krb5