[Python-modules-team] Bug#873244: pyjwt: CVE-2017-11424: Incorrect handling of PEM-encoded public keys

Salvatore Bonaccorso carnil at debian.org
Thu Aug 31 08:06:00 UTC 2017

Control: notfound -1 0.2.1-1+deb8u1


On Fri, Aug 25, 2017 at 08:59:33PM +0200, Salvatore Bonaccorso wrote:
> Please adjust the affected versions in the BTS as needed. I think this
> should be present as well in 0.2.1-1+deb8u1.

Whilst the test is missing as well in 0.2.1-1+deb8u1, pyjwt in Jessie
would probably not work as expected in this regard.

I'm removing the found version for 0.2.1-1+deb8u1 for now.


More information about the Python-modules-team mailing list