This update for openldap2 fixes the following issues: Security issue fixed: - CVE-2019-13565: Fixed an authentication bypass when using SASL authentication and session encryption . - CVE-2019-13057: Fixed an issue with delegated database admin privileges . - CVE-2017-17740: When both the nops module and the member of overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service via a member MODDN operation. Non-security issues fixed: - Fixed broken shebang line in openldap_update_modules_path.sh . - Create files in /var/lib/ldap/ during initial start to allow for transactional updates - Fixed incorrect post script call causing tmpfiles creation not to be run .