The OpenLDAP project has announced the release of OpenLDAP version 2.4.51. From the release announcement, some of the changes in this release appear to be:
- Added support for the Netscape password expired/expiring controls as described in https://docs.ldap.com/specs/draft-vchu-ldap-pwd-policy-00
- Fixed an issue that could cause a retry loop when negotiating a TLS session
- Fixed a syncrepl issue that could cause the server to delete attributes that aren’t supposed to be replicated
- Fixed a syncrepl issue that could prevent entries from being properly deleted on a resync
- Fixed a syncrepl issue that could affect the correct replay of changes to single-valued attributes
- Fixed a potential race condition around the tracking of failed authentication attempts
- Updated chaining support to check for referrals
- Fixed issues with the default prefix used when encoding passwords with the Argon2 or PBKDF2 algorithms