pyjwt 1.7.1-2ubuntu2.1 source package in Ubuntu
Changelog
pyjwt (1.7.1-2ubuntu2.1) focal-security; urgency=medium * SECURITY UPDATE: Signing key confusion via public key signature - debian/patches/CVE-2022-29217.patch: update jwt/algorithms.py to disallow using SSH keys as a HMAC secret. - CVE-2022-29217 -- Alex Murray <email address hidden> Tue, 19 Jul 2022 15:11:38 +0930
Upload details
- Uploaded by:
- Alex Murray
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Focal | updates | main | misc | |
Focal | security | main | misc |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
pyjwt_1.7.1.orig.tar.gz | 41.0 KiB | 8d59a976fb773f3e6a39c85636357c4f0e242707394cadadd9814f5cbaa20e96 |
pyjwt_1.7.1-2ubuntu2.1.debian.tar.xz | 7.9 KiB | b973031132e715d3eb48c8e8b8b1a91333bccaa94db7e9245a3529a572163f44 |
pyjwt_1.7.1-2ubuntu2.1.dsc | 2.0 KiB | 1d54f3f3258a1007082b700229ed410cf83a5fb130fd79a4062a879299b21ff9 |
Available diffs
Binary packages built by this source
- python3-jwt: Python 3 implementation of JSON Web Token
PyJWT implements the JSON Web Token draft 01, a way of representing
signed content using JSON data structures.
.
Supported algorithms for cryptographic signing:
.
* HS256 - HMAC using SHA-256 hash algorithm (default)
* HS384 - HMAC using SHA-384 hash algorithm
* HS512 - HMAC using SHA-512 hash algorithm
* RS256 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-256 hash
algorithm
* RS384 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-384 hash
algorithm
* RS512 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-512 hash
algorithm
.
Supported reserved claim names:
- "exp" (Expiration Time) Claim
.
This package contains the Python 3 version of the library.