Synopsis:	Important: openldap security and enhancement update
Issue date:	2007-11-08
CVE Names:	CVE-2007-5707

A flaw was found in the way OpenLDAP's slapd daemon handled malformed
objectClasses LDAP attributes.  A local or remote attacker could create 
an LDAP request which could cause a denial of service by crashing slapd.
(CVE-2007-5707)

In addition, the following feature was added:
* OpenLDAP client tools now have new option to configure their bind timeout

SL 5.x

   SRPMS:
openldap-2.3.27-8.el5_1.1.src.rpm
   i386:
openldap-2.3.27-8.el5.1.i386.rpm
openldap-clients-2.3.27-8.el5.1.i386.rpm
openldap-devel-2.3.27-8.el5.1.i386.rpm
openldap-servers-2.3.27-8.el5.1.i386.rpm
openldap-servers-sql-2.3.27-8.el5.1.i386.rpm
   x86_64:
openldap-2.3.27-8.el5.1.i386.rpm
openldap-2.3.27-8.el5.1.x86_64.rpm
openldap-clients-2.3.27-8.el5.1.x86_64.rpm
openldap-devel-2.3.27-8.el5.1.i386.rpm
openldap-devel-2.3.27-8.el5.1.x86_64.rpm
openldap-servers-2.3.27-8.el5.1.x86_64.rpm
openldap-servers-sql-2.3.27-8.el5.1.x86_64.rpm

-Connie Sieh
-Troy Dawson