Описание
Security update for python-idna
This update for python-idna fixes the following issues:
- CVE-2024-3651: Fixed a denial of service via resource consumption through specially crafted inputs to idna.encode() (bsc#1222842)
Список пакетов
Image SLES15-SP4-BYOS-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-BYOS-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-HPC-BYOS
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-HPC-BYOS-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-HPC-BYOS-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-HPC-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-Hardened-BYOS-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-Hardened-BYOS-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-SAP
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-SAP-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-SAP-BYOS-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-SAP-BYOS-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-SAP-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-SAP-Hardened
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-SAP-Hardened-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-SAP-Hardened-BYOS
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-SAP-Hardened-BYOS-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-SAP-Hardened-BYOS-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-SAPCAL
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-SAPCAL-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-SAPCAL-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-Azure-3P
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-Azure-Basic
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-Azure-Standard
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-BYOS-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-BYOS-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-HPC-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-HPC-BYOS-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-HPC-BYOS-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-Hardened-BYOS-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-Hardened-BYOS-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-Manager-Server-5-0-EC2-llc
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-Manager-Server-5-0-EC2-ltd
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-SAP-Azure-3P
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-SAP-BYOS-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-SAP-BYOS-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-SAP-Hardened-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-SAP-Hardened-BYOS-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-SAP-Hardened-BYOS-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-SAPCAL-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP5-SAPCAL-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-Azure-Basic
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-Azure-Standard
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-BYOS-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-BYOS-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-EC2-ECS-HVM
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-HPC
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-HPC-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-HPC-BYOS
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-HPC-BYOS-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-HPC-BYOS-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-HPC-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-Hardened-BYOS-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-Hardened-BYOS-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-SAP
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-SAP-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-SAP-BYOS-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-SAP-BYOS-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-SAP-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-SAP-Hardened
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-SAP-Hardened-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-SAP-Hardened-BYOS
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-SAP-Hardened-BYOS-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-SAP-Hardened-BYOS-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-SAP-Hardened-EC2
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-SAPCAL
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-SAPCAL-Azure
python311-idna-3.4-150400.11.10.1
Image SLES15-SP6-SAPCAL-EC2
python311-idna-3.4-150400.11.10.1
SUSE Linux Enterprise Module for Public Cloud 15 SP4
python311-idna-3.4-150400.11.10.1
SUSE Linux Enterprise Module for Python 3 15 SP5
python311-idna-3.4-150400.11.10.1
SUSE Linux Enterprise Module for Python 3 15 SP6
python311-idna-3.4-150400.11.10.1
openSUSE Leap 15.5
python311-idna-3.4-150400.11.10.1
openSUSE Leap 15.6
python311-idna-3.4-150400.11.10.1
Ссылки
- Link for SUSE-SU-2024:1939-1
- E-Mail link for SUSE-SU-2024:1939-1
- SUSE Security Ratings
- SUSE Bug 1222842
- SUSE CVE CVE-2024-3651 page
Описание
A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's handling of crafted input strings, which can lead to quadratic complexity and consequently, a denial of service condition. This vulnerability is triggered by a crafted input that causes the `idna.encode()` function to process the input with considerable computational load, significantly increasing the processing time in a quadratic manner relative to the input size.
Затронутые продукты
Image SLES15-SP4-BYOS-Azure:python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-BYOS-EC2:python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-HPC-BYOS-Azure:python311-idna-3.4-150400.11.10.1
Image SLES15-SP4-HPC-BYOS-EC2:python311-idna-3.4-150400.11.10.1
Ссылки
- CVE-2024-3651
- SUSE Bug 1222842