I think there are a few "long" standing ITSes, or candidate ones, that need some discussion as they have -devel implications.
ITS#6505: add "const" to attrs in libldap search API: not a big deal, it would change a consolidated API, but the change should be harmless.
ITS#6482: the issue is not easily reproducible; the proposed patch sounds a bit naive; perhaps bi_tool_entry_next() could be strengthened by trying a bit harder to get the next ID. Not sure how, the first guess would be to increment the last ID and use DB_SET instead of DB_NEXT until something is found (as naive as the proposed one). Suggestions for better strategies? In any case, I think backend-specific issues should be hidden in the backend tool helpers rather than attempted by slaptools themselves.
ITS#6477: the reported case story can be dealt with by detecting the error and re-running slaptest with -d; however, there might be cases where the exact knowledge of the cause of a TLS error may be useful in syslog's logs; this would require to change the way those errors are logged by the client library.