Red Hat Product Errata RHSA-2024:3543 - Security Advisory
Issued:
2024-06-03
Updated:
2024-06-03

RHSA-2024:3543 - Security Advisory

Synopsis

Moderate: python-idna security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for python-idna is now available for Red Hat Enterprise Linux 8.8.

Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

Description

Security Fix(es):

  • python-idna: potential DoS via resource consumption via specially crafted

inputs to idna.encode() (CVE-2024-3651)

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes

  • BZ - 2274779 - CVE-2024-3651 python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode()

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8

SRPM
python-idna-2.5-5.el8_8.1.src.rpm SHA-256: 5ff9e658837479a6dd804d7cee13db81d53a1bc7d9e36e224dae7efdc7110e0b
x86_64
python3-idna-2.5-5.el8_8.1.noarch.rpm SHA-256: c8ac011a03e37f71a164aa8bed4befabea69e13c72087329344ccac4bf839e08

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8

SRPM
python-idna-2.5-5.el8_8.1.src.rpm SHA-256: 5ff9e658837479a6dd804d7cee13db81d53a1bc7d9e36e224dae7efdc7110e0b
s390x
python3-idna-2.5-5.el8_8.1.noarch.rpm SHA-256: c8ac011a03e37f71a164aa8bed4befabea69e13c72087329344ccac4bf839e08

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8

SRPM
python-idna-2.5-5.el8_8.1.src.rpm SHA-256: 5ff9e658837479a6dd804d7cee13db81d53a1bc7d9e36e224dae7efdc7110e0b
ppc64le
python3-idna-2.5-5.el8_8.1.noarch.rpm SHA-256: c8ac011a03e37f71a164aa8bed4befabea69e13c72087329344ccac4bf839e08

Red Hat Enterprise Linux Server - TUS 8.8

SRPM
python-idna-2.5-5.el8_8.1.src.rpm SHA-256: 5ff9e658837479a6dd804d7cee13db81d53a1bc7d9e36e224dae7efdc7110e0b
x86_64
python3-idna-2.5-5.el8_8.1.noarch.rpm SHA-256: c8ac011a03e37f71a164aa8bed4befabea69e13c72087329344ccac4bf839e08

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8

SRPM
python-idna-2.5-5.el8_8.1.src.rpm SHA-256: 5ff9e658837479a6dd804d7cee13db81d53a1bc7d9e36e224dae7efdc7110e0b
aarch64
python3-idna-2.5-5.el8_8.1.noarch.rpm SHA-256: c8ac011a03e37f71a164aa8bed4befabea69e13c72087329344ccac4bf839e08

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM
python-idna-2.5-5.el8_8.1.src.rpm SHA-256: 5ff9e658837479a6dd804d7cee13db81d53a1bc7d9e36e224dae7efdc7110e0b
ppc64le
python3-idna-2.5-5.el8_8.1.noarch.rpm SHA-256: c8ac011a03e37f71a164aa8bed4befabea69e13c72087329344ccac4bf839e08

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM
python-idna-2.5-5.el8_8.1.src.rpm SHA-256: 5ff9e658837479a6dd804d7cee13db81d53a1bc7d9e36e224dae7efdc7110e0b
x86_64
python3-idna-2.5-5.el8_8.1.noarch.rpm SHA-256: c8ac011a03e37f71a164aa8bed4befabea69e13c72087329344ccac4bf839e08

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.