From 9eabbca90565e4ae790bedeef9a91df1878c6f93 Mon Sep 17 00:00:00 2001 From: Gyorgy Sarvari Date: Mon, 5 Jan 2026 12:53:46 +0100 Subject: python3-ldap: upgrade 3.4.4 -> 3.4.5 Contains fixes for CVE-2025-61911 and CVE-2025-61912 Changelog: Security fixes: - CVE-2025-61911 (GHSA-r7r6-cc7p-4v5m): Enforce str input in ldap.filter.escape_filter_chars with escape_mode=1; ensure proper escaping. - CVE-2025-61912 (GHSA-p34h-wq7j-h5v6): Correct NUL escaping in ldap.dn.escape_dn_chars to \00 per RFC 4514. Fixes: - ReconnectLDAPObject now properly reconnects on UNAVAILABLE, CONNECT_ERROR and TIMEOUT exceptions (previously only SERVER_DOWN), fixing reconnection issues especially during server restarts - Fixed syncrepl.py to use named constants instead of raw decimal values for result types - Fixed error handling in SearchNoOpMixIn to prevent a undefined variable error Tests: - Added comprehensive reconnection test cases including concurrent operation handling and server restart scenarios Doc: - Updated installation docs and fixed various documentation typos - Added ReadTheDocs configuration file Infrastructure: - Add testing and document support for Python 3.13 Signed-off-by: Gyorgy Sarvari Signed-off-by: Khem Raj --- .../python/python3-ldap_3.4.4.bb | 32 ---------------------- .../python/python3-ldap_3.4.5.bb | 32 ++++++++++++++++++++++ 2 files changed, 32 insertions(+), 32 deletions(-) delete mode 100644 meta-python/recipes-networking/python/python3-ldap_3.4.4.bb create mode 100644 meta-python/recipes-networking/python/python3-ldap_3.4.5.bb (limited to 'meta-python/recipes-networking/python') diff --git a/meta-python/recipes-networking/python/python3-ldap_3.4.4.bb b/meta-python/recipes-networking/python/python3-ldap_3.4.4.bb deleted file mode 100644 index 8d52ff0154..0000000000 --- a/meta-python/recipes-networking/python/python3-ldap_3.4.4.bb +++ /dev/null @@ -1,32 +0,0 @@ -SUMMARY = "Provides a wrapper in Python to LDAP" -DESCRIPTION = "This module provides access to the LDAP \ -(Lightweight Directory Access Protocol) through Python operations \ -instead of C API. The module mainly acts as a wrapper for the \ -OpenLDAP 2.x libraries. Errors will appear as exceptions." -HOMEPAGE = "https://www.python-ldap.org/" -LICENSE = "PSF-2.0" -LIC_FILES_CHKSUM = "file://LICENCE;md5=36ce9d726d0321b73c1521704d07db1b" - -DEPENDS = "python3 openldap cyrus-sasl" - -PYPI_PACKAGE = "python-ldap" - -inherit pypi setuptools3 - -SRC_URI[sha256sum] = "7edb0accec4e037797705f3a05cbf36a9fde50d08c8f67f2aef99a2628fab828" - -do_configure:prepend() { - sed -i -e 's:^library_dirs =.*::' \ - -e 's:^include_dirs =.*:include_dirs = =/usr/include/sasl/:' \ - -e 's/= ldap_r/= ldap/g' ${S}/setup.cfg -} - -RDEPENDS:${PN} = " \ - python3-pprint \ - python3-pyasn1 \ - python3-pyasn1-modules \ - python3-threading \ - python3-unittest \ -" - -CVE_PRODUCT = "python-ldap" diff --git a/meta-python/recipes-networking/python/python3-ldap_3.4.5.bb b/meta-python/recipes-networking/python/python3-ldap_3.4.5.bb new file mode 100644 index 0000000000..5a176b5208 --- /dev/null +++ b/meta-python/recipes-networking/python/python3-ldap_3.4.5.bb @@ -0,0 +1,32 @@ +SUMMARY = "Provides a wrapper in Python to LDAP" +DESCRIPTION = "This module provides access to the LDAP \ +(Lightweight Directory Access Protocol) through Python operations \ +instead of C API. The module mainly acts as a wrapper for the \ +OpenLDAP 2.x libraries. Errors will appear as exceptions." +HOMEPAGE = "https://www.python-ldap.org/" +LICENSE = "PSF-2.0" +LIC_FILES_CHKSUM = "file://LICENCE;md5=36ce9d726d0321b73c1521704d07db1b" + +DEPENDS = "python3 openldap cyrus-sasl python3-setuptools-scm-native" + +PYPI_PACKAGE = "python_ldap" + +inherit pypi python_setuptools_build_meta + +SRC_URI[sha256sum] = "b2f6ef1c37fe2c6a5a85212efe71311ee21847766a7d45fcb711f3b270a5f79a" + +do_configure:prepend() { + sed -i -e 's:^library_dirs =.*::' \ + -e 's:^include_dirs =.*:include_dirs = =/usr/include/sasl/:' \ + -e 's/= ldap_r/= ldap/g' ${S}/setup.cfg +} + +RDEPENDS:${PN} = " \ + python3-pprint \ + python3-pyasn1 \ + python3-pyasn1-modules \ + python3-threading \ + python3-unittest \ +" + +CVE_PRODUCT = "python-ldap" -- cgit v1.2.3-54-g00ecf