mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-04-11 20:48:21 +00:00
Code Issues Projects Releases Wiki Activity
Files
67a8fe4a1a3652f930784b2a4f71405b217cf460
meta-openembedded/meta-python/recipes-networking/python/python3-ldap_3.4.5.bb
Gyorgy Sarvari 2116f0aff1 python3-ldap: upgrade 3.4.4 -> 3.4.5 
Contains fixes for CVE-2025-61911 and CVE-2025-61912

Changelog:
Security fixes:
- CVE-2025-61911 (GHSA-r7r6-cc7p-4v5m): Enforce str input in
  ldap.filter.escape_filter_chars with escape_mode=1; ensure proper
  escaping.
- CVE-2025-61912 (GHSA-p34h-wq7j-h5v6): Correct NUL escaping in
  ldap.dn.escape_dn_chars to \00 per RFC 4514.

Fixes:
- ReconnectLDAPObject now properly reconnects on UNAVAILABLE, CONNECT_ERROR
  and TIMEOUT exceptions (previously only SERVER_DOWN), fixing reconnection
  issues especially during server restarts
- Fixed syncrepl.py to use named constants instead of raw decimal values
  for result types
- Fixed error handling in SearchNoOpMixIn to prevent a undefined variable error

Tests:
- Added comprehensive reconnection test cases including concurrent operation
  handling and server restart scenarios

Doc:
- Updated installation docs and fixed various documentation typos
- Added ReadTheDocs configuration file

Infrastructure:
- Add testing and document support for Python 3.13

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9eabbca905)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-01-19 12:15:40 +05:30

33 lines
1022 B
BlitzBasic
Raw Blame History

SUMMARY = "Provides a wrapper in Python to LDAP"
DESCRIPTION = "This module provides access to the LDAP \
(Lightweight Directory Access Protocol) through Python operations \
instead of C API. The module mainly acts as a wrapper for the \
OpenLDAP 2.x libraries. Errors will appear as exceptions."
HOMEPAGE = "http://www.python-ldap.org/"
LICENSE = "PSF-2.0"
LIC_FILES_CHKSUM = "file://LICENCE;md5=36ce9d726d0321b73c1521704d07db1b"
DEPENDS = "python3 openldap cyrus-sasl python3-setuptools-scm-native"
PYPI_PACKAGE = "python_ldap"
inherit pypi python_setuptools_build_meta
SRC_URI[sha256sum] = "b2f6ef1c37fe2c6a5a85212efe71311ee21847766a7d45fcb711f3b270a5f79a"
do_configure:prepend() {
sed -i -e 's:^library_dirs =.*::' \
-e 's:^include_dirs =.*:include_dirs = =/usr/include/sasl/:' \
-e 's/= ldap_r/= ldap/g' ${S}/setup.cfg
}
RDEPENDS:${PN} = " \
python3-pprint \
python3-pyasn1 \
python3-pyasn1-modules \
python3-threading \
python3-unittest \
"
CVE_PRODUCT = "python-ldap"
Reference in New Issue View Git Blame Copy Permalink