Synopsis: Moderate: openldap security, bug fix, and enhancement Advisory ID: SLSA-2017:1852-1 Issue Date: 2017-08-01 CVE Numbers: CVE-2017-9287 -- The following packages have been upgraded to a later upstream version: openldap (2.4.44). Security Fix(es): * A double-free flaw was found in the way OpenLDAP's slapd server using the MDB backend handled LDAP searches. A remote attacker with access to search the directory could potentially use this flaw to crash slapd by issuing a specially crafted LDAP search query. (CVE-2017-9287) -- SL7 x86_64 openldap-2.4.44-5.el7.i686.rpm openldap-2.4.44-5.el7.x86_64.rpm openldap-clients-2.4.44-5.el7.x86_64.rpm openldap-debuginfo-2.4.44-5.el7.i686.rpm openldap-debuginfo-2.4.44-5.el7.x86_64.rpm openldap-devel-2.4.44-5.el7.i686.rpm openldap-devel-2.4.44-5.el7.x86_64.rpm openldap-servers-2.4.44-5.el7.x86_64.rpm openldap-servers-sql-2.4.44-5.el7.x86_64.rpm - Scientific Linux Development Team