From 5b82d1d4cd72a68c734bdde00c49561bb910e024 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=99=A4=E4=BA=86=E4=B8=8A=E7=8F=AD=E5=AF=B9=E5=95=A5?= =?UTF-8?q?=E9=83=BD=E6=84=9F=E5=85=B4=E8=B6=A3?= <2659187352@qq.com>
Date: Wed, 22 Oct 2025 19:18:32 +0800
Subject: [PATCH] fix CVE-2025-61912
---
 backport-CVE-2025-61912.patch | 38 +++++++++++++++++++++++++++++++++++
 python-ldap.spec | 9 ++++++++-
 2 files changed, 46 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2025-61912.patch
diff --git a/backport-CVE-2025-61912.patch b/backport-CVE-2025-61912.patch
new file mode 100644
index 0000000..8dbebc1
--- /dev/null
+++ b/backport-CVE-2025-61912.patch 
@@ -0,0 +1,38 @@
+From 6ea80326a34ee6093219628d7690bced50c49a3f Mon Sep 17 00:00:00 2001
+From: Simon Pichugin
+Date: Fri, 10 Oct 2025 10:46:45 -0700
+Subject: [PATCH] Merge commit from fork
+
+Update tests to expect \00 and verify RFC-compliant escaping
+---
+ Lib/ldap/dn.py | 3 ++-
+ Tests/t_ldap_dn.py | 2 +-
+ 2 files changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/Lib/ldap/dn.py b/Lib/ldap/dn.py
+index dd7278b6..64d7d0e9 100644
+--- a/Lib/ldap/dn.py
++++ b/Lib/ldap/dn.py
+@@ -26,7 +26,8 @@ def escape_dn_chars(s):
+ s = s.replace('>' ,'\\>')
+ s = s.replace(';' ,'\\;')
+ s = s.replace('=' ,'\\=')
+- s = s.replace('\000' ,'\\\000')
++ # RFC 4514 requires NULL (U+0000) to be escaped as hex pair "\00"
++ s = s.replace('\x00' ,'\\00')
+ if s[-1]==' ':
+ s = ''.join((s[:-1],'\\ '))
+ if s[0]=='#' or s[0]==' ':
+diff --git a/Tests/t_ldap_dn.py b/Tests/t_ldap_dn.py
+index 86d3640..7c04777 100644
+--- a/Tests/t_ldap_dn.py
++++ b/Tests/t_ldap_dn.py
+@@ -49,7 +49,7 @@ class TestDN(unittest.TestCase):
+ self.assertEqual(ldap.dn.escape_dn_chars(' '), '\\ ')
+ self.assertEqual(ldap.dn.escape_dn_chars(' '), '\\ \\ ')
+ self.assertEqual(ldap.dn.escape_dn_chars('foobar '), 'foobar\\ ')
+- self.assertEqual(ldap.dn.escape_dn_chars('f+o>o,bo\\,b\\o,bo\,b\ - 3.4.4-3 +- Type:CVE +- Id:CVE-2025-61912 +- SUG:NA +- DESC:fix CVE-2025-61912 + * Mon Oct 13 2025 lizhipeng - 3.4.4-2 - Type: bugfix - ID: NA -- Gitee
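Review bot: The added line `s = s.replace('\x00' ,'\\00')` in the Lib/ldap/dn.py hunk only produces a single backslash because the backslash-doubling replacement in escape_dn_chars appears to run earlier in the function, which is outside this hunk; if the 3.4.4 base the spec patches orders those statements differently, the `\` of the new `\00` escape would itself be doubled, so the patched function should be checked against the test hunk's expectation after the patch is applied rather than assumed from upstream. The Tests/t_ldap_dn.py hunk is cut off on this copy at the `'f+o>o,bo\\,b\\` assertion, so the updated expected string cannot be verified here, and the python-ldap.spec hunk that should register the new Patch and bump Release is not visible either; the diffstat says the new patch file is 38 lines, which is worth confirming against the committed file. escape_dn_chars starts before the inner hunk and its closing lines are outside it.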