Multiple vulnerabilities has been identified and fixed in openldap: chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server . modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service via a relative Distinguished Name modification request that contains an empty value for the OldDN field . Packages for 2009.0 are provided as of the Extended Maintenance Program