fix CVE-2021-46823

(cherry picked from commit 55cc549f6b69a3190af311ddff7abe50304acd4e)

backport-CVE-2021-46823.patch

@@ -0,0 +1,22 @@
+From faa011b41f7141121546045925d809d54e70f5fd Mon Sep 17 00:00:00 2001
+From: Kevin Backhouse <kevinbackhouse@github.com>
+Date: Fri, 15 Oct 2021 15:21:37 +0100
+Subject: [PATCH] Fix ReDoS in regex.
+
+---
+ Lib/ldap/schema/tokenizer.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Lib/ldap/schema/tokenizer.py b/Lib/ldap/schema/tokenizer.py
+index 69823f2b..623b86d5 100644
+--- a/Lib/ldap/schema/tokenizer.py
++++ b/Lib/ldap/schema/tokenizer.py
+@@ -13,7 +13,7 @@
+     r"|"              # or
+     r"([^'$()\s]+)"   # string of length >= 1 without '$() or whitespace
+     r"|"              # or
+-    r"('(?:[^'\\]|\\\\|\\.)*?'(?!\w))"
++    r"('(?:[^'\\]|\\.)*'(?!\w))"
+                       # any string or empty string surrounded by unescaped
+                       # single quotes except if right quote is succeeded by
+                       # alphanumeric char

python-ldap.spec

@@ -1,12 +1,13 @@
 Name:		python-ldap	
 Version:	3.3.1
-Release:	3
+Release:	4
 Summary:	An object-oriented API to access LDAP directory servers
 License:	Python-2.0
 URL:		http://python-ldap.org/
 Source0:	https://files.pythonhosted.org/packages/source/p/%{name}/%{name}-%{version}.tar.gz
 
 Patch0:         Handle-unknown-LDAP-result-code.patch
+Patch1:		backport-CVE-2021-46823.patch
 
 BuildRequires:	gcc openldap-devel openssl-devel cyrus-sasl-devel
 BuildRequires:  python3-devel python3-setuptools openldap-servers
@@ -57,6 +58,12 @@ sed -i 's,-Werror,-Wignore,g' tox.ini
 %doc CHANGES README TODO Demo
 
 %changelog
+* Tue Jul 26 2022 zhouwenpei <zhouwenpei1@h-partners.com> - 3.3.1-4
+- Type:CVE
+- Id:CVE-2021-46823
+- SUG:NA
+- DESC:fix CVE-2021-46823
+
 * Fri May 06 2022 xingxing <xingxing9@h-partners.com> - 3.3.1-3
 - Type:bugfix
 - Id:NA