UbuntuUpdates.org

Package "python3-ldap"

Name: python3-ldap

Description:

LDAP interface module for Python3

Latest version: 3.2.0-4ubuntu2.1
Release: focal (20.04)
Level: security
Repository: main
Head package: python-ldap
Homepage: https://www.python-ldap.org

Links


Download "python3-ldap"


Other versions of "python3-ldap" in Focal

Repository Area Version
base main 3.2.0-4ubuntu2
updates main 3.2.0-4ubuntu2.1

Changelog

Version: 3.2.0-4ubuntu2.1 2022-07-11 17:07:14 UTC

  python-ldap (3.2.0-4ubuntu2.1) focal-security; urgency=medium

  * SECURITY UPDATE: Regular Expression DoS
    - debian/patches/CVE-2021-46823-pre.patch: get rid of
      expected failures in tokenizer tests in Lib/ldap/schema/tokenizer.py,
      Tests/t_ldap_schema_tokenizer.py.
    - debian/patches/CVE-2021-46823.patch: fix ReDoS in
      regex in Lib/ldap/schema/tokenizer.py.
    - CVE-2021-46823

 -- Leonidas Da Silva Barbosa <email address hidden> Mon, 04 Jul 2022 13:28:40 -0300

CVE-2021-46823 python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular express



About   -   Send Feedback to @ubuntu_updates