Updated openldap packages fix a security vulnerabilityPublication date: 10 Nov 2020
Affected Mageia releases : 7
A vulnerability in the handling of normalization with modrdn was discovered in OpenLDAP. An unauthenticated remote attacker can use this flaw to cause a denial of service (slapd daemon crash) via a specially crafted packet (CVE-2020-25692). Also, the PID file path in the systemd service was fixed to use /run as the$ parent, rather than /var/run, eliminating warning messages in the logs.