Red Hat Product Errata RHSA-2024:3846 - Security Advisory
Issued:
2024-06-11
Updated:
2024-06-11

RHSA-2024:3846 - Security Advisory

Synopsis

Moderate: python-idna security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for python-idna is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The hsakmt packages include a thunk library for AMD's Heterogeneous System Architecture (HSA) Linux kernel driver (amdkfd).

Security Fix(es):

  • python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode() (CVE-2024-3651)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x

Fixes

  • BZ - 2274779 - CVE-2024-3651 python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode()

Red Hat Enterprise Linux for x86_64 9

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
x86_64
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
x86_64
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
x86_64
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
x86_64
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
x86_64
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
s390x
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
s390x
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
s390x
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for Power, little endian 9

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
ppc64le
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
ppc64le
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
ppc64le
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for ARM 64 9

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
aarch64
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
aarch64
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
aarch64
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
ppc64le
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
ppc64le
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
x86_64
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
x86_64
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
aarch64
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
aarch64
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
s390x
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
python-idna-2.10-7.el9_4.1.src.rpm SHA-256: 175a3c6c98d0e56721eef1237529c11c2caca4c6fbbc0d9c30c28489e014388b
s390x
python3-idna-2.10-7.el9_4.1.noarch.rpm SHA-256: af52887cccc937de789a399ba991cb49c5e98ab26742d017e2f58ed2d9eb5d0d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.