Ubuntu
pyjwt package

Overview
Code
Bugs
Blueprints
Translations
Answers

Change logs for pyjwt source package in Artful

Artful (17.10)
Change log

pyjwt (1.4.2-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Throw if key is an PKCS1 PEM-encoded public key (CVE-2017-11424)
    (Closes: #873244)

 -- Salvatore Bonaccorso <email address hidden>  Sat, 16 Sep 2017 14:49:38 +0200

pyjwt (1.4.2-1ubuntu1) artful; urgency=medium

  * SECURITY UPDATE: symmetric/asymmetric key confusion attacks
    - debian/patches/CVE-2017-11424.patch: Throw if key is an PKCS1
      PEM-encoded public key in jwt/algorithms.py, jwt/api_jws.py,
      jwt/api_jwt.py, tests/keys/testkey_pkcs1.pub.pem,
      tests/test_algorithms.py, tests/test_api_jws.py, tests/test_api_jwt.py.
    - CVE-2017-11424

 -- <email address hidden> (Leonidas S. Barbosa)  Mon, 28 Aug 2017 15:39:22 -0300

pyjwt (1.4.2-1) unstable; urgency=medium

  * New upstream release.

 -- Daniele Tricoli <email address hidden>  Fri, 09 Sep 2016 01:07:26 +0200

Ubuntupyjwt package

Change logs for pyjwt source package in Artful

Ubuntu
pyjwt package