There is a remote denial of service bug in OpenLDAP in version 2.4.42 and earlier [0].
This patch updates OpenLDAP to the latest version. This change will require several hundred packages to be rebuilt. Should it go on security-updates? Your advice requested... [0] https://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-6908 Leo Famulari (1): gnu: openldap: Update to 2.4.44 [fixes CVE-2015-6908]. gnu/packages/openldap.scm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) -- 2.7.4
