diff --git a/backport-CVE-2025-61911.patch b/backport-CVE-2025-61911.patch
new file mode 100644
index 0000000000000000000000000000000000000000..9c4e8a064e5ec92e531e31c73787ece23f042092
--- /dev/null
+++ b/backport-CVE-2025-61911.patch
@@ -0,0 +1,38 @@
+From 3957526fb1852e84b90f423d9fef34c7af25b85a Mon Sep 17 00:00:00 2001
+From: lukas-eu <62448426+lukas-eu@users.noreply.github.com>
+Date: Fri, 10 Oct 2025 19:47:46 +0200
+Subject: [PATCH] Merge commit from fork
+
+---
+ Lib/ldap/filter.py | 2 ++
+ Tests/t_ldap_filter.py | 4 ++++
+ 2 files changed, 6 insertions(+)
+
+diff --git a/Lib/ldap/filter.py b/Lib/ldap/filter.py
+index 782737aa..5bd41b21 100644
+--- a/Lib/ldap/filter.py
++++ b/Lib/ldap/filter.py
+@@ -24,6 +24,8 @@ def escape_filter_chars(assertion_value,escape_mode=0):
+ If 1 all NON-ASCII chars are escaped.
+ If 2 all chars are escaped.
+ """
++ if not isinstance(assertion_value, str):
++ raise TypeError("assertion_value must be of type str.")
+ if escape_mode:
+ r = []
+ if escape_mode==1:
+diff --git a/Tests/t_ldap_filter.py b/Tests/t_ldap_filter.py
+index 313b3733..54312050 100644
+--- a/Tests/t_ldap_filter.py
++++ b/Tests/t_ldap_filter.py
+@@ -49,6 +49,10 @@ def test_escape_filter_chars_mode1(self):
+ ),
+ r'\c3\a4\c3\b6\c3\bc\c3\84\c3\96\c3\9c\c3\9f'
+ )
++ with self.assertRaises(TypeError):
++ escape_filter_chars(["abc@*()/xyz"], escape_mode=1)
++ with self.assertRaises(TypeError):
++ escape_filter_chars({"abc@*()/xyz": 1}, escape_mode=1)
+
+ def test_escape_filter_chars_mode2(self):
+ """
diff --git a/python-ldap.spec b/python-ldap.spec
index 6c7398561ad68b9f00184e6b24daa30afe626065..8cd517cb660c417ec4c136fb59f1cc649fb19b09 100644
--- a/python-ldap.spec
+++ b/python-ldap.spec
@@ -1,6 +1,6 @@
 Name: python-ldap
 Version: 3.3.1
-Release: 5
+Release: 6
 Summary: An object-oriented API to access LDAP directory servers
 License: Python-2.0
 URL: http://python-ldap.org/
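Review bot: In the new `backport-CVE-2025-61911.patch`, the added tests only exercise `escape_mode=1`, while the `isinstance` guard in `escape_filter_chars` sits above `if escape_mode:` and so changes behaviour for every mode. I would add the same `assertRaises(TypeError)` checks to the mode 0 and mode 2 tests, plus one for `bytes` input such as `escape_filter_chars(b"abc@*()/xyz")`, so a later refactor that moves the guard into a single branch is caught. The docstring should also gain a line like `Raises TypeError if assertion_value is not a str.`, because callers that build filters from request data now get an exception for list or dict input. Both function bodies continue outside the embedded hunks, so the per-mode escaping code itself is not visible here.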
@@ -8,6 +8,7 @@ Source0: https://files.pythonhosted.org/packages/source/p/%{name}/%{name}-%{vers Patch0: Handle-unknown-LDAP-result-code.patch Patch1: backport-CVE-2021-46823.patch +Patch2: backport-CVE-2025-61911.patch BuildRequires: gcc openldap-devel BuildRequires: python3-devel python3-setuptools @@ -58,6 +59,9 @@ sed -i 's,-Werror,-Wignore,g' tox.ini %doc CHANGES README TODO Demo %changelog +* Mon Oct 13 2025 lizhipeng - 3.3.1-6 +- fix CVE-2025-61911 + * Fri Aug 05 2022 zhouwenpei - 3.3.1-5 - Type:requirements - Id:NA
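Review bot: The new `Patch2: backport-CVE-2025-61911.patch` declaration only takes effect if `%prep` applies it, and this diff does not touch `%prep`. If the spec uses `%autosetup -p1` or `%autopatch`, that is fine. If it lists `%patch0` and `%patch1` explicitly, a matching `%patch2 -p1` line is needed; otherwise 3.3.1-6 would ship with a changelog entry claiming the CVE fix while `Lib/ldap/filter.py` stays unpatched. The `%prep` section is outside the hunks shown, so confirm this against the full spec, ideally by checking the built module for the `TypeError` guard.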