Package : python-idna
Version : 2.6-1+deb10u1
CVE ID : CVE-2024-3651
Debian Bug : 1069127
Guido Vranken discovered an issue in python3-idna, a library to support
the Internationalized Domain Names in Applications (IDNA) protocol. A
specially crafted argument to the idna.encode() function could consume
significant resources, which may lead to Denial of Service.
For Debian 10 buster, this problem has been fixed in version
2.6-1+deb10u1.
We recommend that you upgrade your python-idna packages.
For the detailed security status of python-idna please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-idna
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 10 | all | python-idna | <Â 2.6-1+deb10u1 | python-idna_2.6-1+deb10u1_all.deb |
Debian | 10 | all | pypy-idna | <Â 2.6-1+deb10u1 | pypy-idna_2.6-1+deb10u1_all.deb |
Debian | 10 | all | python3-idna | <Â 2.6-1+deb10u1 | python3-idna_2.6-1+deb10u1_all.deb |