diff --git a/pam_krb5-2.2.11-1-refresh-drop-restore-priv.dif b/pam_krb5-2.2.11-1-refresh-drop-restore-priv.dif
index b103147..fb5b5a6 100644
--- a/pam_krb5-2.2.11-1-refresh-drop-restore-priv.dif
+++ b/pam_krb5-2.2.11-1-refresh-drop-restore-priv.dif
@@ -1,6 +1,8 @@
---- src/auth.c
-+++ src/auth.c	2007/03/15 10:55:36
-@@ -418,9 +418,13 @@
+Index: src/auth.c
+===================================================================
+--- src/auth.c.orig
++++ src/auth.c
+@@ -422,9 +422,13 @@ pam_sm_setcred(pam_handle_t *pamh, int f
  		return pam_sm_open_session(pamh, flags, argc, argv);
  	}
  	if (flags & (PAM_REINITIALIZE_CRED | PAM_REFRESH_CRED)) {
@@ -16,9 +18,11 @@
  		} else {
  			return PAM_IGNORE;
  		}
---- src/sly.c
-+++ src/sly.c	2007/03/15 10:46:36
-@@ -146,6 +146,21 @@
+Index: src/sly.c
+===================================================================
+--- src/sly.c.orig
++++ src/sly.c
+@@ -146,6 +146,21 @@ _pam_krb5_sly_looks_unsafe(void)
  	return 0;
  }
  
@@ -40,7 +44,7 @@
  int
  _pam_krb5_sly_maybe_refresh(pam_handle_t *pamh, int flags,
  			    int argc, PAM_KRB5_MAYBE_CONST char **argv)
-@@ -159,6 +174,20 @@
+@@ -159,6 +174,20 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
  	int i, retval, stored;
  	char *v5ccname, *v4tktfile;
  
@@ -61,7 +65,7 @@
  	/* Inexpensive checks. */
  	switch (_pam_krb5_sly_looks_unsafe()) {
  	case 0:
-@@ -166,18 +195,22 @@
+@@ -166,18 +195,22 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
  		break;
  	case 1:
  		warn("won't refresh credentials while running under sudo");
@@ -84,7 +88,7 @@
  		return PAM_SERVICE_ERR;
  		break;
  	}
-@@ -185,6 +218,7 @@
+@@ -185,6 +218,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
  	/* Initialize Kerberos. */
  	if (_pam_krb5_init_ctx(&ctx, argc, argv) != 0) {
  		warn("error initializing Kerberos");
@@ -92,7 +96,7 @@
  		return PAM_SERVICE_ERR;
  	}
  
-@@ -193,6 +227,7 @@
+@@ -193,6 +227,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
  	if (i != PAM_SUCCESS) {
  		warn("could not identify user name");
  		krb5_free_context(ctx);
@@ -100,7 +104,7 @@
  		return i;
  	}
  
-@@ -201,6 +236,7 @@
+@@ -201,6 +236,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
  	if (options == NULL) {
  		warn("error parsing options (shouldn't happen)");
  		krb5_free_context(ctx);
@@ -108,7 +112,7 @@
  		return PAM_SERVICE_ERR;
  	}
  	if (options->debug) {
-@@ -222,6 +258,7 @@
+@@ -222,6 +258,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
  		}
  		_pam_krb5_options_free(pamh, ctx, options);
  		krb5_free_context(ctx);
@@ -116,7 +120,7 @@
  		return retval;
  	}
  
-@@ -233,6 +270,7 @@
+@@ -233,6 +270,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
  		_pam_krb5_user_info_free(ctx, userinfo);
  		_pam_krb5_options_free(pamh, ctx, options);
  		krb5_free_context(ctx);
@@ -124,7 +128,7 @@
  		return PAM_IGNORE;
  	}
  
-@@ -244,6 +282,7 @@
+@@ -244,6 +282,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
  		_pam_krb5_user_info_free(ctx, userinfo);
  		_pam_krb5_options_free(pamh, ctx, options);
  		krb5_free_context(ctx);
@@ -132,7 +136,7 @@
  		return PAM_SERVICE_ERR;
  	}
  
-@@ -331,5 +370,6 @@
+@@ -331,5 +370,6 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
  		      pam_strerror(pamh, retval));
  	}
  
diff --git a/pam_krb5-2.2.13-1.tar.bz2 b/pam_krb5-2.2.13-1.tar.bz2
deleted file mode 100644
index 5dfca71..0000000
--- a/pam_krb5-2.2.13-1.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:7ec331fefec599ed719dae8629cb3b6b86175c29a1269fd47a7c4afd2513cb8e
-size 322810
diff --git a/pam_krb5-2.2.14-1.tar.bz2 b/pam_krb5-2.2.14-1.tar.bz2
new file mode 100644
index 0000000..613a6ba
--- /dev/null
+++ b/pam_krb5-2.2.14-1.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3bc58cf76e1ab98de4ee964edf9611d161c547d1af5c5a29b144ee5a4890141c
+size 322949
diff --git a/pam_krb5.changes b/pam_krb5.changes
index c6d45b3..6b425ee 100644
--- a/pam_krb5.changes
+++ b/pam_krb5.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Mon Jul 16 10:34:08 CEST 2007 - mc@suse.de
+
+- version 2.2.14
+  * treat a "client revoked" error as an "unknown principal" error 
+  * some small bugfixes
+
 -------------------------------------------------------------------
 Fri Jul 13 10:31:01 CEST 2007 - mc@suse.de
 
diff --git a/pam_krb5.spec b/pam_krb5.spec
index 7ac2592..80c2ec7 100644
--- a/pam_krb5.spec
+++ b/pam_krb5.spec
@@ -1,5 +1,5 @@
 #
-# spec file for package pam_krb5 (Version 2.2.13)
+# spec file for package pam_krb5 (Version 2.2.14)
 #
 # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
 # This file and all modifications and additions to the pristine
@@ -17,7 +17,7 @@ License:        GPL v2 or later
 Group:          Productivity/Networking/Security
 Provides:       pam_krb
 Autoreqprov:    on
-Version:        2.2.13
+Version:        2.2.14
 Release:        1
 Summary:        PAM Module for Kerberos Authentication
 URL:            http://sourceforge.net/projects/pam-krb5/
@@ -75,6 +75,10 @@ rm -rf $RPM_BUILD_ROOT
 %attr(755,root,root) /usr/bin/afs5log
 
 %changelog
+* Mon Jul 16 2007 - mc@suse.de
+- version 2.2.14
+  * treat a "client revoked" error as an "unknown principal" error
+  * some small bugfixes
 * Fri Jul 13 2007 - mc@suse.de
 - version 2.2.13
   * make it possible to have more than one ccache (and tktfile) at