Описание
Security update for sccache
This update for sccache fixes the following issues:
- Update to version 0.4.2~4:
- CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. (bsc#1243868)
Список пакетов
SUSE Linux Enterprise Module for Development Tools 15 SP6
sccache-0.4.2~4-150600.10.3.1
SUSE Linux Enterprise Module for Development Tools 15 SP7
sccache-0.4.2~4-150600.10.3.1
openSUSE Leap 15.6
sccache-0.4.2~4-150600.10.3.1
Ссылки
- Link for SUSE-SU-2025:02768-1
- E-Mail link for SUSE-SU-2025:02768-1
- SUSE Security Ratings
- SUSE Bug 1243868
- SUSE CVE CVE-2024-12224 page
Описание
Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname.
Затронутые продукты
SUSE Linux Enterprise Module for Development Tools 15 SP6:sccache-0.4.2~4-150600.10.3.1
SUSE Linux Enterprise Module for Development Tools 15 SP7:sccache-0.4.2~4-150600.10.3.1
openSUSE Leap 15.6:sccache-0.4.2~4-150600.10.3.1
Ссылки
- CVE-2024-12224
- SUSE Bug 1243848