This bug was fixed in the package openldap2.3 - 2.4.10-1ubuntu1

---------------
openldap2.3 (2.4.10-1ubuntu1) intrepid; urgency=low

  * Merge from debian unstable, remaining changes:
    - debian/apparmor-profile: add AppArmor profile
    - debian/slapd.postinst: Reload AA profile on configuration
    - updated debian/slapd.README.Debian for note on AppArmor
    - debian/control: Recommends apparmor >= 2.1+1075-0ubuntu6
    - debian/control: Conflicts with apparmor-profiles << 2.1+1075-0ubuntu4
      to make sure that if earlier version of apparmour-profiles gets
      installed it won't overwrite our profile.
    - Modify Maintainer value to match the DebianMaintainerField
      speficication.
    - follow ApparmorProfileMigration and force apparmor compalin mode on
      some upgrades (LP: #203529)
    - debian/slapd.dirs: add etc/apparmor.d/force-complain
    - debian/slapd.preinst: create symlink for force-complain on pre-feisty
      upgrades, upgrades where apparmor-profiles profile is unchanged (ie
      non-enforcing) and upgrades where apparmor profile does not exist.
    - debian/slapd.postrm: remove symlink in force-complain/ on purge
    - debian/patches/fix-ucred-libc due to changes how newer glibc handle
      the ucred struct now.
    - debian/patches/fix-unique-overlay-assertion.patch:
      Fix another assertion error in unique overlay (LP: #243337).
      Backport from head.
  * debian/control:
    - add time as build dependency: needed by make test.
  * debian/rules:
    - support debuild nocheck option: don't run tests if nocheck is set.
  * debian/patches/fix-gnutls-key-strength.patch:
    - fix slapd handling of ssf using gnutls. (LP: #244925).
  * Dropped - accepted in Debian:
    - debian/rules, debian/slapd.links: use hard links to slapd instead of
      symlinks for slap* so these applications aren't confined by apparmor
      (LP: #203898)
  * Dropped - fixed in new upstream release:
    - debian/patches/fix-assertion-io.patch: Fixes ber_flush2 assertion.
      (LP: #215904)
    - debian/patches/fix-dnpretty-assertion.patch: Fix dnPrettyNormal assertion
      error. (LP: #234196)
    - dropped debian/patches/fix-notify-crasher.patch: Fix modify timestamp crashes.
      (LP: #220724)
    - debian/patches/fix-syncrepl-oops: Fixes segmentation fault when using
      syncrepl. (LP: #227178)
    - dropped debian/patches/SECURITY_CVE-2008-0658.patch. Already applied
      upstream.

openldap2.3 (2.4.10-1) unstable; urgency=low

  [ Steve Langasek ]
  * New upstream release.
    - Clean up ld_defconn if it was freed, fixing an assertion failure in
      various clients.  Closes: #469232.
    - Fixes slapd syncrepl hang on back-config.  Closes: #471253.
    - Drop patch hurd-path-max, integrated upstream.
  * Drop spurious build-dependency on heimdal-dev, introduced accidentally
    as part of an aborted attempt to build the smbk5pwd overlay.
  * Use hardlinks instead of symlinks for the various slap* commands; this
    is functionally equivalent for us, and reduces divergence from
    derivatives such as Ubuntu that use apparmor.  Closes: #488409.
  * New patch, no_backend_inter-linking, to fix the meta backend to not
    try to look up symbols in external objects (back_ldap) that it
    doesn't link against.
  * Turn on 'make test' during builds, now that back_meta is fixed.

  [ Matthijs Mohlmann ]
  * All manpages in category 5 were missing, wrong directory.
    (Closes: #474976, #483631, #483633)

 -- Mathias Gug <email address hidden>   Thu, 03 Jul 2008 14:15:08 -0400