(RHSA-2007:1037) Important: openldap security and enhancement update

OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools.

A flaw was found in the way OpenLDAP’s slapd daemon handled malformed
objectClasses LDAP attributes. A local or remote attacker could create an
LDAP request which could cause a denial of service by crashing slapd.
(CVE-2007-5707)

In addition, the following feature was added:

• OpenLDAP client tools now have new option to configure their bind timeout.

All users are advised to upgrade to these updated openldap packages, which
contain a backported patch to correct this issue and provide this security
enhancement.