UbuntuUpdates.org

Package "pyjwt"

Name: pyjwt

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Python 3 implementation of JSON Web Token

Latest version: 1.7.1-2ubuntu2.1
Release: focal (20.04)
Level: security
Repository: main

Links



Other versions of "pyjwt" in Focal

Repository Area Version
base main 1.7.1-2ubuntu2
updates main 1.7.1-2ubuntu2.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.7.1-2ubuntu2.1 2022-07-20 01:07:41 UTC

  pyjwt (1.7.1-2ubuntu2.1) focal-security; urgency=medium

  * SECURITY UPDATE: Signing key confusion via public key signature
    - debian/patches/CVE-2022-29217.patch: update jwt/algorithms.py to
      disallow using SSH keys as a HMAC secret.
    - CVE-2022-29217

 -- Alex Murray <email address hidden> Tue, 19 Jul 2022 15:11:38 +0930

CVE-2022-29217 PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT toke



About   -   Send Feedback to @ubuntu_updates