Описание
Security update for rav1e
This update for rav1e fixes the following issues:
- CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. (bsc#1243855)
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP6
librav1e0_6-0.6.6-150600.3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP7
librav1e0_6-0.6.6-150600.3.3.1
openSUSE Leap 15.6
librav1e0_6-0.6.6-150600.3.3.1
librav1e0_6-32bit-0.6.6-150600.3.3.1
rav1e-0.6.6-150600.3.3.1
rav1e-devel-0.6.6-150600.3.3.1
Ссылки
- Link for SUSE-SU-2025:02586-1
- E-Mail link for SUSE-SU-2025:02586-1
- SUSE Security Ratings
- SUSE Bug 1243855
- SUSE CVE CVE-2024-12224 page
Описание
Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:librav1e0_6-0.6.6-150600.3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP7:librav1e0_6-0.6.6-150600.3.3.1
openSUSE Leap 15.6:librav1e0_6-0.6.6-150600.3.3.1
openSUSE Leap 15.6:librav1e0_6-32bit-0.6.6-150600.3.3.1
Ссылки
- CVE-2024-12224
- SUSE Bug 1243848