These vulnerabilities are still unpatched in gentoo's mit-krb5 ebuild: http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-004.txt http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-005.txt http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt Applying patches listed in those advisories should resolve the problem. 2007-004 and 2007-005 are fixed in newer 1.5.x releases of mit-krb5.
I don't know which ebuild you're talking about, but SA 004 and 005 are fixed in app-crypt/mit-krb5-1.5.3 and SA 006 will be fixed with bug 191301. *** This bug has been marked as a duplicate of bug 191301 ***