Update

USN-7828-1: Python LDAP vulnerabilities

Publication date: 20 October 2025
Overview: Several security issues were fixed in Python LDAP.

Packages
python-ldap - LDAP interface module for Python

Details
It was discovered that Python LDAP incorrectly handled special characters
in the special character filtering function. A remote attacker could
possibly use this issue to perform LDAP injection attacks.
(CVE-2025-61911)

Arad Inbar discovered that Python LDAP incorrectly escaped NUL character
bytes. An attacker could possibly use this issue to cause a denial of
service. (CVE-2025-61912)

Update instructions
The problem can be corrected by updating your system to the following package versions:

  • 25.10 questing: python3-ldap – 3.4.4-1ubuntu0.25.10.1
  • 25.04 plucky: python3-ldap – 3.4.4-1ubuntu0.25.04.1
  • 24.04 LTS noble: python3-ldap – 3.4.4-1ubuntu0.24.04.1
  • 22.04 LTS jammy: python3-ldap – 3.2.0-4ubuntu7.2
  • 20.04 LTS focal: python3-ldap – 3.2.0-4ubuntu2.1+esm1
  • 18.04 LTS bionic: python-ldap – 3.0.0-1ubuntu0.2+esm1
    python3-ldap – 3.0.0-1ubuntu0.2+esm1
  • 16.04 LTS xenial: python-ldap – 2.4.22-0.1ubuntu0.1~esm1