Symas has released version 2.4.49.1 of their OpenLDAP Gold product, which is an enhanced version of OpenLDAP with additional features and commercial support. According to the release announcement and the release notes, changes in this release include:
- Provide an updated version of Cyrus-SASL, including a fix for CVE-2019-19906
- Provide an updated version of OpenSSL, including a fix for CVE-2019-1551
- Improved dynlist support, including supporting group membership queries
- Added an entry count to the monitor for the slapd-mdb backend
- Prevent clients from including controls in cancel and abandon requests
- Fix a memory and file descriptor management issues in libldap
- Improve error handling during connection setup
- Fixed an indexing issue in the slapd-mdb backend
- Fixed password policy issues