The OpenLDAP project has announced the release of versions 2.6.7 and 2.5.17 of their LDAP directory server. Changes included in these releases appear to include:

• Fixed a potential crash that could occur with connections closed with a notice-of-disconnection response (both versions)
• Fixed a potential crash that could occur with certain dynlist configurations (both versions)
• Fixed an issue in which the server would shut down upon encountering an access control rule with a malformed regular expression (both versions)
• Fixed an issue in which the server could incorrectly disclose an entry’s existence in the matched DN element of a response (both versions)
• Fixed a replication issue involving non-sequential timestamps (both versions)
• Fixed multiple client-side issues that may occur when using TLS (both versions)
• Added an option to disable including the member list in dynlist groups (both versions)
• Fixed a back-asyncmeta issue when trying to use an empty suffixmassage value (both versions)
• Fixed an issue that prevented lloadd from working on systems without a resolv.conf file (both versions)
• Fixed an issue with the formatting for log messages with very long filters (both versions)
• Fixed a replication issue when using both the glue and rwm overlays (version 2.6.7)
• Fixed an issue in which lloadd did not properly read its configuration (version 2.6.7)