diff options
| author | Gyorgy Sarvari <skandigraun@gmail.com> | 2026-02-05 07:59:38 +0100 |
|---|---|---|
| committer | Anuj Mittal <anuj.mittal@oss.qualcomm.com> | 2026-02-19 08:20:21 +0530 |
| commit | 0ee5ceb16dfe01c27c34e4ced316fab685d9780f (patch) | |
| tree | a4ab13b3e51b215b0234e09f3f9350e4348dff8e /meta-python/recipes-devtools/python/python3-m2crypto_0.46.2.bb | |
| parent | ea22ad26ba63073b39488fdc8006653eede9b838 (diff) | |
| download | meta-openembedded-0ee5ceb16dfe01c27c34e4ced316fab685d9780f.tar.gz | |
python3-ldap: upgrade 3.4.4 -> 3.4.5
Contains fixes for CVE-2025-61911 and CVE-2025-61912
Changelog:
Security fixes:
- CVE-2025-61911 (GHSA-r7r6-cc7p-4v5m): Enforce str input in
ldap.filter.escape_filter_chars with escape_mode=1; ensure proper
escaping.
- CVE-2025-61912 (GHSA-p34h-wq7j-h5v6): Correct NUL escaping in
ldap.dn.escape_dn_chars to \00 per RFC 4514.
Fixes:
- ReconnectLDAPObject now properly reconnects on UNAVAILABLE, CONNECT_ERROR
and TIMEOUT exceptions (previously only SERVER_DOWN), fixing reconnection
issues especially during server restarts
- Fixed syncrepl.py to use named constants instead of raw decimal values
for result types
- Fixed error handling in SearchNoOpMixIn to prevent a undefined variable error
Tests:
- Added comprehensive reconnection test cases including concurrent operation
handling and server restart scenarios
Doc:
- Updated installation docs and fixed various documentation typos
- Added ReadTheDocs configuration file
Infrastructure:
- Add testing and document support for Python 3.13
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9eabbca90565e4ae790bedeef9a91df1878c6f93)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Diffstat (limited to 'meta-python/recipes-devtools/python/python3-m2crypto_0.46.2.bb')
0 files changed, 0 insertions, 0 deletions