AIX Open Source

AIX Open Source

Share your experiences and connect with fellow developers to discover how to build and manage open source software for the AIX operating system

 View Only

  • 1.  CVE-2024-3651 - idna library

    Posted Wed July 10, 2024 03:33 PM

    Hi open source team, question regarding CVE-2024-3651. Currently we don't have that package installed, however I am seeing some idna files in the Python 3.9.19 version in AIX

    /opt/freeware/lib/python3.9/encodings/idna.py

    Do these come by default in Python 3.9.19 and would this makes us vulnerable to the CVE in question?

    Thanks in advance



    ------------------------------
    Pablo Daniel Zuñiga TREJO
    ------------------------------


  • 2.  RE: CVE-2024-3651 - idna library

    Posted Fri July 12, 2024 04:25 AM
    Edited by Ayappan P Fri July 12, 2024 04:25 AM

    This CVE is affecting a separate third party python module "idna" -->  https://github.com/kjd/idna . Not related to the idna encodings that comes with main python. 



    ------------------------------
    Ayappan P
    ------------------------------

    Original Message


  • 3.  RE: CVE-2024-3651 - idna library

    Posted Fri July 12, 2024 12:10 PM

    Thanks for the response Ayappan!



    ------------------------------
    Pablo Daniel Zuñiga TREJO
    ------------------------------

    Original Message


Related Content