OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools.
A flaw was found in the way OpenLDAP's slapd daemon handled malformed objectClasses LDAP attributes. A local or remote attacker could create an LDAP request which could cause a denial of service by crashing slapd. (CVE-2007-5707)
In addition, the following feature was added: * OpenLDAP client tools now have new option to configure their bind timeout.
All users are advised to upgrade to these updated openldap packages, which contain a backported patch to correct this issue and provide this security enhancement.