Issued:
2024-06-03
Updated:
2024-06-03

RHSA-2024:3543 - Moderate: python-idna security and bug fix update

Synopsis

Moderate: python-idna security and bug fix update

Type/Severity

Security Advisory Moderate

Topic

An update for python-idna is now available for Red Hat Enterprise Linux 8.8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Security Fix(es):

  • python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode() (CVE-2024-3651)

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

ProductVersionArch
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions8.8x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support8.8x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension8.8x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support8.8ppc64le
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support8.8s390x
Red Hat Enterprise Linux for ARM 64 - Extended Update Support8.8aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions8.8ppc64le
Red Hat Enterprise Linux Server - TUS8.8x86_64

Updated Packages

  • python-idna-2.5-5.el8_8.1.src.rpm
  • python3-idna-2.5-5.el8_8.1.noarch.rpm

Fixes

CVEs

References

Additional information