| Package | python-idna |
|---|---|
| Version | 2.2-1+deb9u1 (stretch) |
| Related CVEs | CVE-2024-3651 |
Guido Vranken discovered an issue in python3-idna, a library to support the Internationalized Domain Names in Applications (IDNA) protocol. A specially crafted argument to the idna.encode() function could consume significant resources, which may lead to Denial of Service.
For Debian 9 stretch, these problems have been fixed in version 2.2-1+deb9u1.
We recommend that you upgrade your python-idna packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.