Ryan Tandy uploaded new packages for openldap which fixed the
following security problems:

CVE-2015-6908
  Denis Andzakovic discovered that OpenLDAP, a free implementation of the
  Lightweight Directory Access Protocol, does not properly handle BER data.
  An unauthenticated remote attacker can use this flaw to cause a denial of
  service (slapd daemon crash) via a specially crafted packet.

For the wheezy-backports distribution the problems have been fixed in
version 2.4.31+really2.4.40+dfsg-1+deb8u1~bpo70+1.

The jessie-backports suite does not contain openldap packages, while for
Debian stable suites the issue has been fixed by DSA-3356-1 (jessie and
wheezy) and DLA-309-1 (squeeze).