Errata overview
Errata ID 371
Date 2015-09-23
Source package openldap
Fixed in version 2.4.35-1.203.201509141755
This update addresses the following issues:
* When using the mdb backend, the ldap search erroneously returned
  the base object in some cases. This has been fixed.
* If the slapo-deref overlay is used (which is not the case in 
  a standard UCS installation) and if the list of attributes 
  to be dereferenced is left empty, slapd can be crashed (CVE-2015-1545)
* Denial of service by unauthenticated remote attackers
  via crafted BER data (CVE-2015-6908)
Additional notes
CVE ID CVE-2015-1545
UCS Bug number #38424