python-idna-2.4-1.0.1.el7.AXS7
エラータID: AXSA:2025-11498:01
A library to support the Internationalised Domain Names in Applications (IDNA)
protocol as specified in RFC 5891 . This
version of the protocol is often referred to as "IDNA2008" and can produce
different results from the earlier standard from 2003.
The library is also intended to act as a suitable drop-in replacement for the
"encodings.idna" module that comes with the Python standard library but
currently only supports the older 2003 specification.
Security Fix(es):
* CVE-2024-3651: more efficient resolution of joiner contexts in idna library
to avoid quadratic complexity that leads to a DoS condition
CVE(s):
CVE-2024-3651
A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's handling of crafted input strings, which can lead to quadratic complexity and consequently, a denial of service condition. This vulnerability is triggered by a crafted input that causes the `idna.encode()` function to process the input with considerable computational load, significantly increasing the processing time in a quadratic manner relative to the input size.
Update packages.
A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's handling of crafted input strings, which can lead to quadratic complexity and consequently, a denial of service condition. This vulnerability is triggered by a crafted input that causes the `idna.encode()` function to process the input with considerable computational load, significantly increasing the processing time in a quadratic manner relative to the input size.
N/A
Asianux Server 7 for x86_64
- python-idna-2.4-1.0.1.el7.AXS7.noarch.rpm
MD5: d9acdf4e2619ea4e758632d4a9675798
SHA-256: 0b3644906aca2e980a52cb9c426402f35623acba8547fcc6c4620c73e7893c90
Size: 96.50 kB
日本語