LDAP Tool Box Self Service Password 1.7.0

The LDAP Tool Box project provides a set of LDAP-related applications, administrative tools, and other utilities. They have just released version 1.7.0 of their Self Service Password tool, which is a PHP application that allows users to change their password in an LDAP directory. Changes in this release include:

  • Fixed issues that could cause the application to repeatedly send email or SMS messages
  • Added the ability to specify the scope for LDAP search requests
  • Improved compatibility with external captcha mechanisms
  • Improved wording when prompting the user to re-enter the value during a password change
  • Fixed an issue in which PHP error messages could be displayed to the end user
  • Made improvements to the Docker image
  • Added support for Korean and Arabic languages

Apache Directory LDAP API 2.1.7

The Apache Directory Project has announced the release of version 2.1.7 of their Apache Directory LDAP API. Changes in this version appear to include:

  • Fixed an ASN.1 parsing issue that could cause the API to attempt to consume very large amounts of memory
  • Fixed an issue in which attempting to parse a malformed LDAP URL could cause an infinite loop
  • Fixed a potential resource leak in DSML support
  • Fixed an unhandled exception when attempting to parse malformed ASN.1 elements
  • Fixed an unhandled exception when attempting to parse malformed LDAP URLs
  • Updated connection pool behavior so that when closing a connection retrieved from a pool, that connection is released back to the pool
  • Added support for the name with entryUUID request control

OpenDJ 4.7.0

The Open Identity Platform project has released version 4.7.0 of the OpenDJ Directory Server. Changes in this release include:

  • Fixed an issue with incorrect handling for deny ACIs
  • Added support for the LDAP relax rules control
  • Added support for alias dereferencing
  • Added the ability to have multiple deployments using the same Cassandra backend
  • Fixed an issue with merging values for virtual and collective attributes
  • Skipped the attempt to send a notice of disconnection in the event of an I/O error

389 Directory Server 3.1.1, 3.0.4, 2.5.2, and 2.4.6

The 389 Directory Server project has released versions 3.1.1, 3.0.4, 2.5.2, and 2.4.6. Some of the changes in these releases appear to include:

  • Fixed an issue that could allow an unauthenticated client to crash the server with a specially crafted search request (CVE-2024-6237, all versions)
  • Fixed an issue that could allow an authenticated user to crash the server while attempting to perform a malformed password update (CVE-2024-2199, all versions)
  • Fixed an issue that could allow a client to cause a denial of service with a specially crafted search request (CVE-2024-3657, all versions)
  • Fixed an issue that could cause a denial of service while attempting to authenticate as a user with a malformed encoded password (CVE-2024-5953, all versions)
  • Fixed an issue that could cause the server to crash while attempting to access referential integrity configuration (version 2.4.6)
  • Fixed an issue that could prevent online backups from succeeding (version 3.1.1)
  • Fixed an issue that could cause the server to crash while attempting to parse data in the referential integrity log file (version 3.1.1)
  • Fixed an issue in which the audit log could include only partial records for large changes (all versions)
  • Fixed an issue that could cause an incomplete import when using the LMDB database (versions 3.1.1, 3.0.4, and 2.5.2)
  • Fixed an issue that could prevent the password history from being properly updated when a new password is provided in pre-encoded form (version 2.4.6)
  • Fixed an issue that could result in an incorrect changelog when reindexing with an LMDB backend (version 2.5.2)
  • Fixed an issue that could break replication after restoring a backup (version 2.4.6)
  • Fixed an issue that could cause the server to return incorrect results to a VLV search when using an LMDB backend (version 2.5.2)
  • Fixed an issue that could prevent adding entries with long RDNs when using an LMDB backend (version 2.5.2)
  • Fixed an issue that could cause a web console error when enabling replication for a sub-suffix (all versions)
  • Fixed an issue in which singleLevel would not return entries in subordinate backends (all versions)
  • Fixed an issue that could prevent the server from responding to a bind attempt in which the target entry is not reachable (version 2.5.2)
  • Fixed an issue that could prevent the nsslapd-numlisteners setting from being honored (all versions)
  • Fixed an issue that could prevent the nsslapd-maxdescriptors setting from being honored (version 2.4.6)
  • Fixed an issue that could prevent the server from properly mapping client certificates to user entries (versions 3.1.1 and 3.0.4)
  • Fixed an issue that could prevent dscreate ds-root from working properly when using a relative path (version 2.4.6)
  • Fixed an issue that could prevent dscreate from operating in interactive mode when using an LMDB backend (version 2.4.6)
  • Fixed various issues with the logconv.pl script (version 2.4.6)
  • Fixed an error message that could appear at startup if the server is configured with subordinate backends (all versions)
  • Fixed an issue in which an SNMP agent could fail to start as a result of incorrect permissions (versions 3.1.1, 3.0.4, and 2.5.2)
  • Fixed an issue in which dsconfig schema did not show the inChain matching rule (versions 2.5.2 and 2.4.6)
  • Fixed an issue in which the server could incorrectly format UTC offsets in log messages (version 2.4.6)
  • Fixed an issue that could cause a certificate lifetime to be displayed as NaN (version 2.4.6)
  • Improved performance when evaluating a filter against an attribute with many values (all versions)
  • Added support for JSON-formatted audit logging (version 3.1.1)
  • Added support for a password storage scheme using the yescrypt KDF (version 3.1.1)
  • Added support for LMDB-related health checks (version 2.5.2)
  • Added support for buffered logging (version 2.4.6)
  • Updated bind log messages to better indicate when MFA has been used (version 2.4.6)
  • Updated the DNA plugin to support customizing the remote bind method and protocol (all versions)
  • Updated the server to allow systemd to control the server user rather than using setuid (version 3.1.1)

A New Ldap4j Library

A new Ldap4j project is underway that attempts to provide a non-blocking LDAP client API for Java. At present, it only appears to support bind, search, StartTLS, and unbind operations, although I assume they also intend to add support for other types of operations.

OpenDJ 4.6.5

The Open Identity Platform project has released version 4.6.5 of the OpenDJ Directory Server. Changes in this release include:

  • Fixed a bug that could prevent updating from version 3.x to version 4.x
  • Fixed a case in which using the control panel to reset a user password could yield an unpredictable result
  • Fixed schema-related errors that could occur when using the control panel with a remote server
  • Updated the documentation