Are you sure you have 'update-log-show-values' set and not 'update-log-show-all-values' ? Can you confirm?
Reason I ask because with 'all' , we write all values written to the update log are base-64 encoded as stated in docops and that is what I see you are reporting back. If that is the case, this working as design.
To test further, here what I did:
Logged in as user 'cn=Craig LINK,ou=Administration,ou=Corporate,o=democorp,c=au' in my DSA and tried to modify 'uid=alex,ou=support,ou=Corporate,o=democorp,c=au' entry. Originally it had 'cn=AlexD'
With 'set update-log-show-values=true;' I changed cn from 'AlexD' to 'Alex' and here is what I see in update log:
[40] 20171027.081718.542 "cn=Craig LINK,ou=Administration,ou=Corporate,o=democorp,c=au" MOD "uid=alex,ou=support,ou=Corporate,o=democorp,c=au" rem-attr:commonName,add-attr:commonName:"Alex",rem-attr:modifyTimestamp,add-attr:modifyTimestamp,rem-attr:modifiersName,add-attr:modifiersName
With 'set update-log-show-all-values=true;' I changed it back to 'AlexD' and here is what I see in update log:
[24] 20171027.082511.473 "cn=Craig LINK,ou=Administration,ou=Corporate,o=democorp,c=au" MOD "uid=alex,ou=support,ou=Corporate,o=democorp,c=au" rem-attr:commonName,add-attr:commonName:"QWxleEQ=",rem-attr:modifyTimestamp,add-attr:modifyTimestamp,rem-attr:modifiersName,add-attr:modifiersName