Require krb5 with fix for CVE-2018-20217
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5
(aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using
an older encryption type (single-DES, triple-DES, or RC4), the attacker
can crash the KDC by making an S4U2Self request.
1.16.1-24 comes without Fix-bugs-with-concurrent-use-of-MEMORY-ccaches,
which caused a regression with IPA.
See: https://nvd.nist.gov/vuln/detail/CVE-2018-20217
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>