UbuntuUpdates.org

Package "cjose"

Name: cjose

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • C library implementing the JOSE standard (development files)
  • C library implementing the JOSE standard

Latest version: 0.6.1+dfsg1-3ubuntu1.1
Release: jammy (22.04)
Level: security
Repository: universe

Links



Other versions of "cjose" in Jammy

Repository Area Version
base universe 0.6.1+dfsg1-3ubuntu1
updates universe 0.6.1+dfsg1-3ubuntu1.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.6.1+dfsg1-3ubuntu1.1 2023-08-24 20:06:47 UTC

  cjose (0.6.1+dfsg1-3ubuntu1.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Use of a Broken Cryptographic Algorithm
    - debian/patches/CVE-2023-37464.patch: use fixed authentication tag
      length of 16 octets in AES GCM decryption.
    - CVE-2023-37464

 -- Paulo Flabiano Smorigo <email address hidden> Tue, 22 Aug 2023 11:39:35 -0300

CVE-2023-37464 OpenIDC/cjose is a C library implementing the Javascript Object Signing and Encryption (JOSE). The AES GCM decryption routine incorrectly uses the Ta



About   -   Send Feedback to @ubuntu_updates