USN-5526-2: PyJWT regression

2022-08-17 KENNETH Ubuntu security 0

USN-5526-2: PyJWT regression

USN-5526-1 fixed vulnerabilities in PyJWT. Unfortunately this caused a
regression by incrementing the internal package version number on Ubuntu
22.04 LTS. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Aapo Oksman discovered that PyJWT incorrectly handled signatures
constructed from SSH public keys. A remote attacker could use this to forge
a JWT signature.
Source: USN-5526-2: PyJWT regression

About KENNETH 19696 Articles
지락문화예술공작단

Be the first to comment

Leave a Reply

Your email address will not be published.


*


이 사이트는 Akismet을 사용하여 스팸을 줄입니다. 댓글 데이터가 어떻게 처리되는지 알아보세요.