- krshd: don't limit user names to 16 chars when utmp can handle names
  at least a bit longer than that (#632442, RT#6773)

- update to 1.0.1

- when checking for pty-handling functions, do so with the benefit of the
  libutil library we think might include them (#595411)

- also obsolete the last versions of krb5-workstation-clients and -servers

- build a split-out krb5-appl package by pruning out all of the non-appl
  parts and resetting the versioning to match the upstream version for the
  newly-split package

- update to 1.8
  - temporarily bundling the krb5-appl package (split upstream as of 1.8)
    until its package review is complete
  - profile.d scriptlets are now only needed by -workstation-clients
  - adjust paths in init scripts
  - drop upstreamed fix for KDC denial of service (CVE-2010-0283)
  - drop patch to check the user's password correctly using crypt(), which
    isn't a code path we hit when we're using PAM

- fix a null pointer dereference and crash introduced in our PAM patch that
  would happen if ftpd was given the name of a user who wasn't known to the
  local system, limited to being triggerable by gssapi-authenticated clients by
  the default xinetd config (Olivier Fourdan, #569472)

- fix a regression (not labeling a kdb database lock file correctly, #569902)

- move the package changelog to the end to match the usual style (jdennis)
- scrub out references to $RPM_SOURCE_DIR (jdennis)
- include a symlink to the readme with the name LICENSE so that people can
  find it more easily (jdennis)

- pull up the change to make kpasswd's behavior better match the docs
  when there's no ccache (#563431)