Fedora has issued an advisory on April 23: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QKQPAXBXFNOVCI2IKRUG56LWQVB6H64Y/ The issue is fixed in version 3.7. Mageia 9 is also affected.
Source RPM: (none) => python-idna-3.4-3.mga10.src.rpmStatus comment: (none) => Fixed upstream in 3.7Whiteboard: (none) => MGA9TOOCVE: (none) => CVE-2024-3651
(On an M9 system, I can only see version 3.3 in Cauldron). No one packager obvious for this RPM, so assigning to Python people.
Assignee: bugsquad => python
Cauldron updated to 3.7
CC: (none) => yvesbrungardWhiteboard: MGA9TOO => (none)Version: Cauldron => 9Source RPM: python-idna-3.4-3.mga10.src.rpm => python-idna-3.4-2.mga9.src.rpm
Submitting: RPMS: python3-idna-3.7-1.mga9.noarch SRPMS: python-idna-3.7-1.mga9
Assignee: python => qa-bugsStatus comment: Fixed upstream in 3.7 => (none)
Keywords: (none) => advisory
MGA9-64 Plasma Wayland on HP-Pavillion. No installation issues. Looking for som testing # urpmq --whatrequires python3-idna python3-anyio python3-cobaya python3-email-validator python3-hyperlink python3-idna python3-jsonschema+format python3-jsonschema+format-nongpl python3-nbxmpp python3-requests python3-requests python3-requests python3-rfc3986+idna2008 python3-trio python3-trustme python3-twisted+tls python3-yarl syslog-ng-python-modules So seems deep in developers territory. ]# urpmq --whatrequires-recursive python3-idna returns somethinh like 15 screenlenghts of packages.... Giving the OK on clean install and good behavior as we often do for developers stuff.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA9-64-OK
Validating.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs