It looks like the leak was independently(?) reported to upstream and fixed in a somewhat different way, see https://github.com/krb5/krb5/commit/593e16448e1af23eef74689afe06a7bcc86e79c7 . The fix is marked for pullup to the stable branches, so it should get fixed in Debian when we next import an upstream version.
-Ben
