(RHSA-2014:0126) Moderate: openldap security and bug fix update

OpenLDAP is an open source suite of Lightweight Directory Access Protocol
(LDAP) applications and development tools. LDAP is a set of protocols used
to access and maintain distributed directory information services over an
IP network. The openldap package contains configuration files, libraries,
and documentation for OpenLDAP.

A denial of service flaw was found in the way the OpenLDAP server daemon
(slapd) performed reference counting when using the rwm (rewrite/remap)
overlay. A remote attacker able to query the OpenLDAP server could use this
flaw to crash the server by immediately unbinding from the server after
sending a search request. (CVE-2013-4449)

Red Hat would like to thank Michael Vishchers from Seven Principles AG for
reporting this issue.

This update also fixes the following bug:

• Previously, OpenLDAP did not properly handle a number of simultaneous
  updates. As a consequence, sending a number of parallel update requests to
  the server could cause a deadlock. With this update, a superfluous locking
  mechanism causing the deadlock has been removed, thus fixing the bug.
  (BZ#1056124)

All openldap users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.