[potential DoS via resource consumption via specially crafted inputs to
idna.encode()]
Author | Note |
---|---|
mdeslaur | On focal and earlier, the python-pip package bundles python-idna binaries when built. After updating python-idna, a no-change rebuild of python-pip is required. On jammy and later, python-idna is bundled in the python-pip package and needs to be patched. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | python-idna | < 2.6-1ubuntu0.1~esm1 | UNKNOWN |
ubuntu | 20.04 | noarch | python-idna | < 2.8-1ubuntu0.1 | UNKNOWN |
ubuntu | 22.04 | noarch | python-idna | < 3.3-1ubuntu0.1 | UNKNOWN |
ubuntu | 23.10 | noarch | python-idna | < 3.3-2ubuntu0.1 | UNKNOWN |
ubuntu | 24.04 | noarch | python-idna | < 3.6-2ubuntu0.1 | UNKNOWN |
ubuntu | 16.04 | noarch | python-idna | < 2.0-3ubuntu0.1~esm1 | UNKNOWN |
ubuntu | 18.04 | noarch | python-pip | < any | UNKNOWN |
ubuntu | 20.04 | noarch | python-pip | < any | UNKNOWN |
ubuntu | 22.04 | noarch | python-pip | < any | UNKNOWN |
ubuntu | 23.10 | noarch | python-pip | < any | UNKNOWN |