Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 38: FEDORA-2024-831b7c8340 Critical: mingw-python-idna DoS Risk

fedora
Calendar Grey April 23, 2024
Dist Fedora Esm H88
Crucial notification for mingw-python-idna version 3.7 highlights concerns related to resource usage and possible Denial of Service vulnerabilities in Fedora 38.
Update to idna-3.7.

Summary

MinGW Windows Python idna.

Update Information:

Update to idna-3.7.

Topics%20covered

Topics Covered

security advisory Fedora DoS critical update vulnerability mingw-python-idna

Change Log

* Sun Apr 14 2024 Sandro Mani - 3.7-1 - Update to 3.7 * Thu Jan 25 2024 Fedora Release Engineering - 3.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering - 3.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Thu Nov 30 2023 Sandro Mani - 3.6-1 - Update to 3.6 * Thu Jul 20 2023 Fedora Release Engineering - 3.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild

References


[ 1 ] Bug #2274782 - TRIAGE CVE-2024-3651 mingw-python-idna: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2274782

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-831b7c8340' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: mingw-python-idna
Product: Fedora 38
Version: 3.7
Release: 1.fc38
URL: https://github.com/kjd/idna
Summary: MinGW Windows Python idna

Topics%20covered

Topics Covered

security advisory Fedora DoS critical update vulnerability mingw-python-idna

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here