If you haven't read https://openssl.org/news/secadv/20160503.txt yet, it's worth taking a look. The ASN.1-related bugs have no impact on OpenLDAP since we use our own liblber for parsing and encoding, and our encoder/decoder are known to be bug-free.