Update 1.16 --> 1.16.1

Major changes in 1.16.1 (2018-05-03)

This is a bug fix release.

• Fix flaws in LDAP DN checking, including a null dereference KDC crash which could be triggered by kadmin clients with administrative privileges [CVE-2018-5729, CVE-2018-5730].

• Fix a KDC PKINIT memory leak.

• Fix a small KDC memory leak on transited or authdata errors when processing TGS requests.

• Fix a regression in pkinit_cert_match matching of client certificates containing Microsoft UPN SANs.

• Fix a null dereference when the KDC sends a large TGS reply.

• Fix "kdestroy -A" with the KCM credential cache type.

• Allow validation of Microsoft PACs containing enterprise names.

• Fix the handling of capaths "." values.

• Fix handling of repeated subsection specifications in profile files (such as when multiple included files specify relations in the same subsection).