pyjwt 1.5.3+ds1-1ubuntu0.1 source package in Ubuntu
Changelog
pyjwt (1.5.3+ds1-1ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: Signing key confusion via public key signature
- debian/patches/CVE-2022-29217.patch: update jwt/algorithms.py to
disallow using SSH keys as a HMAC secret.
- CVE-2022-29217
-- Alex Murray <email address hidden> Tue, 19 Jul 2022 15:53:32 +0930
Upload details
- Uploaded by:
- Alex Murray
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Bionic | updates | main | misc | |
| Bionic | security | main | misc |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| pyjwt_1.5.3+ds1.orig.tar.gz | 36.3 KiB | b8befa031516854b607587a72f6d4f86d83c63c2b2e2ee0013142f2912be0fdb |
| pyjwt_1.5.3+ds1-1ubuntu0.1.debian.tar.xz | 7.4 KiB | 2e537945e41ec6e5c959526117b093c5d641afc9d5b8a9a909fc5e689f93a67e |
| pyjwt_1.5.3+ds1-1ubuntu0.1.dsc | 2.3 KiB | 7973f8d4f2de9a7a7c70dd26ceea37ff0bd77e1e74c30f99526cd29fe21b4fdf |
Available diffs
Binary packages built by this source
- python-jwt: Python implementation of JSON Web Token
PyJWT implements the JSON Web Token draft 01, a way of representing
signed content using JSON data structures.
.
Supported algorithms for cryptographic signing:
.
* HS256 - HMAC using SHA-256 hash algorithm (default)
* HS384 - HMAC using SHA-384 hash algorithm
* HS512 - HMAC using SHA-512 hash algorithm
* RS256 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-256 hash
algorithm
* RS384 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-384 hash
algorithm
* RS512 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-512 hash
algorithm
.
Supported reserved claim names:
- "exp" (Expiration Time) Claim
- python3-jwt: Python 3 implementation of JSON Web Token
PyJWT implements the JSON Web Token draft 01, a way of representing
signed content using JSON data structures.
.
Supported algorithms for cryptographic signing:
.
* HS256 - HMAC using SHA-256 hash algorithm (default)
* HS384 - HMAC using SHA-384 hash algorithm
* HS512 - HMAC using SHA-512 hash algorithm
* RS256 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-256 hash
algorithm
* RS384 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-384 hash
algorithm
* RS512 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-512 hash
algorithm
.
Supported reserved claim names:
- "exp" (Expiration Time) Claim
.
This package contains the Python 3 version of the library.
