Advisories » MGASA-2024-0245

Updated python-idna packages fix security vulnerability

Publication date: 01 Jul 2024
Modification date: 01 Jul 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-3651

Description

mingw-python-idna: python-idna: potential DoS via resource consumption
via specially crafted inputs to idna.encode()
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33132
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QKQPAXBXFNOVCI2IKRUG56LWQVB6H64Y/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3651

SRPMS

9/core

• python-idna-3.7-1.mga9