[ubuntu/resolute-proposed] python-ldap 3.4.4-2ubuntu3 (Accepted)

Hlib Korzhynskyy hlib.korzhynskyy at canonical.com
Mon Dec 15 18:28:17 UTC 2025 

python-ldap (3.4.4-2ubuntu3) resolute; urgency=medium

  * SECURITY UPDATE: Improper special character escape when supplying
    non-string data types.
    - debian/patches/CVE-2025-61911.patch: Raise exception when type is not str
      in Lib/ldap/filter.py.
    - CVE-2025-61911
  * SECURITY UPDATE: Denial of service through improperly escaped null byte.
    - debian/patches/CVE-2025-61912.patch: Change NULL byte escape from \\\000
      to \\00 in Lib/ldap/dn.py.
    - CVE-2025-61912

Date: Mon, 15 Dec 2025 14:46:18 -0330
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/python-ldap/3.4.4-2ubuntu3
-------------- next part --------------
Format: 1.8
Date: Mon, 15 Dec 2025 14:46:18 -0330
Source: python-ldap
Built-For-Profiles: noudeb
Architecture: source
Version: 3.4.4-2ubuntu3
Distribution: resolute
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Changes:
 python-ldap (3.4.4-2ubuntu3) resolute; urgency=medium
 .
   * SECURITY UPDATE: Improper special character escape when supplying
     non-string data types.
     - debian/patches/CVE-2025-61911.patch: Raise exception when type is not str
       in Lib/ldap/filter.py.
     - CVE-2025-61911
   * SECURITY UPDATE: Denial of service through improperly escaped null byte.
     - debian/patches/CVE-2025-61912.patch: Change NULL byte escape from \\\000
       to \\00 in Lib/ldap/dn.py.
     - CVE-2025-61912
Checksums-Sha1:
 5acf0c31968e6713c6c007e78e8152ea218c5aba 2471 python-ldap_3.4.4-2ubuntu3.dsc
 ab6a68a78db17d9934ca8e212956cc4aac731aee 12220 python-ldap_3.4.4-2ubuntu3.debian.tar.xz
 facd7d09cad141e6d2a09054af3087addd7f811c 9939 python-ldap_3.4.4-2ubuntu3_source.buildinfo
Checksums-Sha256:
 9de1050f0ebed812872e4e1bbe307c8af3a7799de1d0ddd911588c4f8f0d1a1c 2471 python-ldap_3.4.4-2ubuntu3.dsc
 7df0b9fa31e631a45aa8c5dc7ead44b22da9966013e4b30409dc590d4c91afab 12220 python-ldap_3.4.4-2ubuntu3.debian.tar.xz
 64454733f8da93e554a9dc0691ee93c139f5fc3f62c07b7eb24267f756f58285 9939 python-ldap_3.4.4-2ubuntu3_source.buildinfo
Files:
 2617940c825bfaed35d53186e4dd9347 2471 python optional python-ldap_3.4.4-2ubuntu3.dsc
 444e4c5bb1224e595fdfc37231eac5ba 12220 python optional python-ldap_3.4.4-2ubuntu3.debian.tar.xz
 51054a5c73686fcf3c9687213d5eaf43 9939 python optional python-ldap_3.4.4-2ubuntu3_source.buildinfo
Original-Maintainer: Debian Python Team <team+python at tracker.debian.org>

More information about the Resolute-changes mailing list