Contains fixes for CVE-2025-61911 and CVE-2025-61912 Changelog: Security fixes: - CVE-2025-61911 (GHSA-r7r6-cc7p-4v5m): Enforce str input in ldap.filter.escape_filter_chars with escape_mode=1; ensure proper escaping. - CVE-2025-61912 (GHSA-p34h-wq7j-h5v6): Correct NUL escaping in ldap.dn.escape_dn_chars to \00 per RFC 4514.
Fixes: - ReconnectLDAPObject now properly reconnects on UNAVAILABLE, CONNECT_ERROR and TIMEOUT exceptions (previously only SERVER_DOWN), fixing reconnection issues especially during server restarts - Fixed syncrepl.py to use named constants instead of raw decimal values for result types - Fixed error handling in SearchNoOpMixIn to prevent a undefined variable error Tests: - Added comprehensive reconnection test cases including concurrent operation handling and server restart scenarios Doc: - Updated installation docs and fixed various documentation typos - Added ReadTheDocs configuration file Infrastructure: - Add testing and document support for Python 3.13 Signed-off-by: Gyorgy Sarvari <[email protected]> --- .../{python3-ldap_3.4.4.bb => python3-ldap_3.4.5.bb} | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) rename meta-python/recipes-networking/python/{python3-ldap_3.4.4.bb => python3-ldap_3.4.5.bb} (76%) diff --git a/meta-python/recipes-networking/python/python3-ldap_3.4.4.bb b/meta-python/recipes-networking/python/python3-ldap_3.4.5.bb similarity index 76% rename from meta-python/recipes-networking/python/python3-ldap_3.4.4.bb rename to meta-python/recipes-networking/python/python3-ldap_3.4.5.bb index aecffa9d7e..2ec49b58ec 100644 --- a/meta-python/recipes-networking/python/python3-ldap_3.4.4.bb +++ b/meta-python/recipes-networking/python/python3-ldap_3.4.5.bb @@ -7,13 +7,13 @@ HOMEPAGE = "https://www.python-ldap.org/"; LICENSE = "PSF-2.0" LIC_FILES_CHKSUM = "file://LICENCE;md5=36ce9d726d0321b73c1521704d07db1b" -DEPENDS = "python3 openldap cyrus-sasl" +DEPENDS = "python3 openldap cyrus-sasl python3-setuptools-scm-native" -PYPI_PACKAGE = "python-ldap" +PYPI_PACKAGE = "python_ldap" -inherit pypi setuptools3 +inherit pypi python_setuptools_build_meta -SRC_URI[sha256sum] = "7edb0accec4e037797705f3a05cbf36a9fde50d08c8f67f2aef99a2628fab828" +SRC_URI[sha256sum] = "b2f6ef1c37fe2c6a5a85212efe71311ee21847766a7d45fcb711f3b270a5f79a" do_configure:prepend() { sed -i -e 's:^library_dirs =.*::' \
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123156): https://lists.openembedded.org/g/openembedded-devel/message/123156 Mute This Topic: https://lists.openembedded.org/mt/117084641/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
