[ubuntu/resolute-proposed] python-ldap 3.4.5-1ubuntu1 (Accepted)

Nick Rosbrook enr0n at ubuntu.com
Fri Mar 20 19:42:15 UTC 2026 

python-ldap (3.4.5-1ubuntu1) resolute; urgency=medium

  * Merge with Debian unstable (LP: #2144841). Remaining changes:
    - {d/t/{startserver,upstream}: fix apparmor access to test directory
    - d/t/apparmor.sh: ignore apparmor control failures on Ubuntu+armhf (LP #2008393)
    - d/t/apparmor.sh: fix testing apparmor profile write access (LP #2130351)
  * Dropped changes, included upstream:
    - SECURITY UPDATE: Improper special character escape when supplying
      non-string data types.
      - debian/patches/CVE-2025-61911.patch: Raise exception when type is not str
        in Lib/ldap/filter.py.
      - CVE-2025-61911
    - SECURITY UPDATE: Denial of service through improperly escaped null byte.
      - debian/patches/CVE-2025-61912.patch: Change NULL byte escape from \\\000
        to \\00 in Lib/ldap/dn.py.
      - CVE-2025-61912

python-ldap (3.4.5-1) unstable; urgency=medium

  * New upstream version 3.4.5
  * Fixes sanitization bypass in ldap.filter.escape_filter_chars
    (CVE-2025-61911) (Closes: #1117858).
  * Fixes vulnerability to Improper Encoding or Escaping of Output and
    Improper Null Termination (CVE-2025-61912) (Closes: #1117859).
  * Build using pybuild-plugin-pyproject.
  * Drop python3-all-dbg from Build-Depends, unused.
  * Update information on availability of GNU GPL.
  * Use uscan version 5.
  * Use execute_before_ instead of override_ for running sphinxdoc.
  * Build using dh-sequence-sphinxdoc.
  * Drop python3-ldap-dbg.
  * Use \$(CURDIR) in d/rules.
  * Run wrap-and-sort -bast to reduce diff size of future changes.

Date: Fri, 20 Mar 2026 15:17:25 -0400
Changed-By: Nick Rosbrook <enr0n at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/python-ldap/3.4.5-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Fri, 20 Mar 2026 15:17:25 -0400
Source: python-ldap
Built-For-Profiles: noudeb
Architecture: source
Version: 3.4.5-1ubuntu1
Distribution: resolute
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Nick Rosbrook <enr0n at ubuntu.com>
Closes: 1117858 1117859
Launchpad-Bugs-Fixed: 2144841
Changes:
 python-ldap (3.4.5-1ubuntu1) resolute; urgency=medium
 .
   * Merge with Debian unstable (LP: #2144841). Remaining changes:
     - {d/t/{startserver,upstream}: fix apparmor access to test directory
     - d/t/apparmor.sh: ignore apparmor control failures on Ubuntu+armhf (LP #2008393)
     - d/t/apparmor.sh: fix testing apparmor profile write access (LP #2130351)
   * Dropped changes, included upstream:
     - SECURITY UPDATE: Improper special character escape when supplying
       non-string data types.
       - debian/patches/CVE-2025-61911.patch: Raise exception when type is not str
         in Lib/ldap/filter.py.
       - CVE-2025-61911
     - SECURITY UPDATE: Denial of service through improperly escaped null byte.
       - debian/patches/CVE-2025-61912.patch: Change NULL byte escape from \\\000
         to \\00 in Lib/ldap/dn.py.
       - CVE-2025-61912
 .
 python-ldap (3.4.5-1) unstable; urgency=medium
 .
   * New upstream version 3.4.5
   * Fixes sanitization bypass in ldap.filter.escape_filter_chars
     (CVE-2025-61911) (Closes: #1117858).
   * Fixes vulnerability to Improper Encoding or Escaping of Output and
     Improper Null Termination (CVE-2025-61912) (Closes: #1117859).
   * Build using pybuild-plugin-pyproject.
   * Drop python3-all-dbg from Build-Depends, unused.
   * Update information on availability of GNU GPL.
   * Use uscan version 5.
   * Use execute_before_ instead of override_ for running sphinxdoc.
   * Build using dh-sequence-sphinxdoc.
   * Drop python3-ldap-dbg.
   * Use \$(CURDIR) in d/rules.
   * Run wrap-and-sort -bast to reduce diff size of future changes.
Checksums-Sha1:
 606a9bfa2527872fa75dc069506a3ebb8e439aed 2503 python-ldap_3.4.5-1ubuntu1.dsc
 7a2dcfcf68019f15d7aa71f2a527494b8bf0fb29 388482 python-ldap_3.4.5.orig.tar.gz
 6f23e728a5e7be21314e1e15023a2ffe29bef60c 11624 python-ldap_3.4.5-1ubuntu1.debian.tar.xz
 88b808a2a8e42c5383222478e1a59723d9bda283 9198 python-ldap_3.4.5-1ubuntu1_source.buildinfo
Checksums-Sha256:
 88cafee87fc2ba286276af987f99396ed359e21d68ec43e46c10990688af9f8c 2503 python-ldap_3.4.5-1ubuntu1.dsc
 b2f6ef1c37fe2c6a5a85212efe71311ee21847766a7d45fcb711f3b270a5f79a 388482 python-ldap_3.4.5.orig.tar.gz
 0d9c809a38b908c85fb96350eb9e919d323e0ee24d8a3f946f06f2b786639598 11624 python-ldap_3.4.5-1ubuntu1.debian.tar.xz
 5cc8994b5435f2e3621254b6eb0d1ebd4b6e2c92558ce3ddef7e65bcc2f288d1 9198 python-ldap_3.4.5-1ubuntu1_source.buildinfo
Files:
 58840216d6e12a76772eb04ed16cd0fc 2503 python optional python-ldap_3.4.5-1ubuntu1.dsc
 ed363c1fa9767f865dcb18c7bcc9f931 388482 python optional python-ldap_3.4.5.orig.tar.gz
 4d4822af1939a100bfe1517844de6215 11624 python optional python-ldap_3.4.5-1ubuntu1.debian.tar.xz
 ad8c90d6d26fc275ec02f86613a06ce3 9198 python optional python-ldap_3.4.5-1ubuntu1_source.buildinfo
Original-Maintainer: Debian Python Team <team+python at tracker.debian.org>
Vcs-Git: https://git.launchpad.net/~enr0n/ubuntu/+source/python-ldap
Vcs-Git-Commit: f42de5f3296683eca43abdcfc315922aa0b528d7
Vcs-Git-Ref: refs/heads/merge-resolute

More information about the Resolute-changes mailing list