Comment 4 for bug 1823422

The upstream issue links to a commit that fixes it:
https://github.com/quanah/heimdal/commit/e3cd069e5c40b455541508b81ffeb0563e882aed

The above commit, as I understand it, is the result of running some script to regenerate the certificates used in the test suite, and then the results were committed. For deb packages, it's a bit of a challenge because it includes binary changes, which can't be represented in a debian/patch/<file>.patch

This comment has a hint about the 32bit issue: https://github.com/heimdal/heimdal/issues/533#issuecomment-477264834

Personally I would prefer to have the test certificates regenerated prior to each test run. That would also handle the 32bit issue, as long as certs expire "soon" (like, on the month of the test run for example).