- Update to 3.4.5

* Security fixes: + CVE-2025-61911 (GHSA-r7r6-cc7p-4v5m): Enforce str input in ldap.filter.escape_filter_chars with escape_mode=1; ensure proper escaping. (bsc#1251912) + CVE-2025-61912 (GHSA-p34h-wq7j-h5v6): Correct NUL escaping in ldap.dn.escape_dn_chars to \00 per RFC 4514. (bsc#1251913) * Fixes: + ReconnectLDAPObject now properly reconnects on UNAVAILABLE, CONNECT_ERROR and TIMEOUT exceptions (previously only SERVER_DOWN), fixing reconnection issues especially during server restarts + Fixed syncrepl.py to use named constants instead of raw decimal values for result types + Fixed error handling in SearchNoOpMixIn to prevent a undefined variable error - Switch to building with pip, wheel and the pyproject macros. - Fix filename due to new setuptools.
2025-10-24 14:09:54 +11:00
4 changed files with 32 additions and 9 deletions
--- a/python-ldap-3.4.4.tar.gz
+++ b/python-ldap-3.4.4.tar.gz
--- a/python-ldap.changes
+++ b/python-ldap.changes
@@ -1,3 +1,24 @@
+-------------------------------------------------------------------
+Fri Oct 24 03:09:41 UTC 2025 - Steve Kowalik <steven.kowalik@suse.com>
+
+- Update to 3.4.5:
+  * Security fixes:
+    + CVE-2025-61911 (GHSA-r7r6-cc7p-4v5m): Enforce str input in
+      ldap.filter.escape_filter_chars with escape_mode=1; ensure proper
+      escaping. (bsc#1251912)
+    + CVE-2025-61912 (GHSA-p34h-wq7j-h5v6): Correct NUL escaping in
+      ldap.dn.escape_dn_chars to \00 per RFC 4514. (bsc#1251913)
+  * Fixes:
+    + ReconnectLDAPObject now properly reconnects on UNAVAILABLE,
+      CONNECT_ERROR and TIMEOUT exceptions (previously only SERVER_DOWN),
+      fixing reconnection issues especially during server restarts
+    + Fixed syncrepl.py to use named constants instead of raw decimal values
+      for result types
+    + Fixed error handling in SearchNoOpMixIn to prevent a undefined variable
+      error
+- Switch to building with pip, wheel and the pyproject macros.
+- Fix filename due to new setuptools.
+
 -------------------------------------------------------------------
 Tue Aug  5 05:27:36 UTC 2025 - William Brown <william.brown@suse.com>

--- a/python-ldap.spec
+++ b/python-ldap.spec
@@ -18,18 +18,20 @@

 %{?sle15_python_module_pythons}
 Name:           python-ldap
-Version:        3.4.4
+Version:        3.4.5
 Release:        0
 Summary:        Python LDAP interface
 License:        Python-2.0
 Group:          Development/Libraries/Python
 URL:            https://www.python-ldap.org/
-Source0:        https://files.pythonhosted.org/packages/source/p/python-ldap/python-ldap-%{version}.tar.gz
+Source0:        https://files.pythonhosted.org/packages/source/p/python-ldap/python_ldap-%{version}.tar.gz
 Patch0:         0001-Use-reentrant-libldap.patch
 BuildRequires:  %{python_module devel}
+BuildRequires:  %{python_module pip}
 BuildRequires:  %{python_module pyasn1 >= 0.3.7}
 BuildRequires:  %{python_module pyasn1-modules >= 0.1.5}
 BuildRequires:  %{python_module setuptools}
+BuildRequires:  %{python_module wheel}
 BuildRequires:  cyrus-sasl-devel >= 2.1
 BuildRequires:  fdupes
 BuildRequires:  krb5-devel
@@ -51,14 +53,14 @@ for that purpose.  Additionally the package contains modules for other
 LDAP-related stuff (e.g. processing LDIF, LDAPURLs, LDAPv3 schema, etc.).

 %prep
-%autosetup -p1
+%autosetup -p1 -n python_ldap-%{version}
 cp Build/setup.cfg.suse-linux setup.cfg

 %build
-CFLAGS="%{optflags}" %python_build
+CFLAGS="%{optflags}" %pyproject_wheel

 %install
-%python_install
+%pyproject_install
 %python_expand %fdupes %{buildroot}%{$python_sitearch}

 %check
@@ -68,7 +70,7 @@ PATH=/sbin:/usr/sbin:/usr/local/bin:/usr/bin:/bin %pyunittest_arch discover -v -
 %license LICENCE
 %doc README Demo CHANGES TODO
 %{python_sitearch}/ldap
-%{python_sitearch}/python_ldap-%{version}*info
+%{python_sitearch}/python_ldap-%{version}.dist-info
 %{python_sitearch}/slapdtest
 %{python_sitearch}/ldapurl.py
 %{python_sitearch}/ldif.py
--- a/python_ldap-3.4.5.tar.gz
+++ b/python_ldap-3.4.5.tar.gz