-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 3.0 (quilt) Source: pyjwt Binary: python-jwt, python3-jwt Architecture: all Version: 0.2.1-1+deb8u1 Maintainer: Debian Python Modules Team <[email protected]> Uploaders: Daniele Tricoli <[email protected]> Homepage: https://github.com/progrium/pyjwt Standards-Version: 3.9.5 Vcs-Browser: http://anonscm.debian.org/viewvc/python-modules/packages/pyjwt/trunk/ Vcs-Svn: svn://anonscm.debian.org/python-modules/packages/pyjwt/trunk/ Build-Depends: debhelper (>= 9), dh-python, python-all (>= 2.6.6-3), python-setuptools (>= 0.6b3), python3-all, python3-setuptools Package-List: python-jwt deb python optional arch=all python3-jwt deb python optional arch=all Checksums-Sha1: e1f49566cfe6fbfa4d6a467ca53b5f83f7f62ef3 6320 pyjwt_0.2.1.orig.tar.gz 496b01b6b2da4b34a4b09f3e1858db5ffedadb0b 3440 pyjwt_0.2.1-1+deb8u1.debian.tar.xz Checksums-Sha256: cfd0fad01a9a57fb4b24e59a82ffd50ddc9c2c4344694ec6ef436ae11d5d18aa 6320 pyjwt_0.2.1.orig.tar.gz f1e34259f0bc21c69020f6edd86f9c02faed3556d29de78f1bd4894c873d16ca 3440 pyjwt_0.2.1-1+deb8u1.debian.tar.xz Files: 500fdbdd4c7b60404063f7d9c2717108 6320 pyjwt_0.2.1.orig.tar.gz c4f8658ed920abb44a14aeac82c2fa64 3440 pyjwt_0.2.1-1+deb8u1.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJVgxOqAAoJEK728aKnRXZF3y4P+QG1r+69ZefNich2Nb2TxgtV PDuzPDc0hyQ0rQyCdDIyfB/JdYaeyQZtk9qTzFIcJ1CYc6VRaIPZHigT6o+jll/M kNFSp7ylTpc4Eec71yFPVs7gPYapFB3TQjP0mUtQe+dDUf8s1dnS3RlZhCi+2EU5 EqHilXil79VlMIuGlzyDPSunQ4/osVjsqkgFl6gujqbGSiMpA7cAVKDnEWp6H/MO gu45FOiBrd3i+hSjzHq3FjGcPL9qjsH4NknHLr14TxfmO7X/H/O9EojuofLlbC4D WJqa9r0v0Xtb4L5XjVks0wyIVTTB4+BpwrV6TSs79uTBvkn2j3zpWIlFXuXVi9HG jHWIZsXmTnjYtxqnbFhK8znJ6XIkeNXC83iJuvklPr7ahJYqNxICOmwmpBo+GIU0 PKiKQKpr11ge/tdIq2knlfC+MCsvPVmXMBdAtTScC8AqSWj8X8egxkXOLyrT4QRM FKcCv7OuJEvZyhMzl7qrZSYrKIUerSt/Gna2Xw1UeVbicjV4M1vOjfIlFQ+UrG3f nPsgYX0NfMULOHkzUIPgjHDKEs3mc2s7P1dPXu+EmR7nwr/IGPZbu4EdEfhrLlvv +QhdeJUZPetxwLlyR4vRD1dGNeIgtJlX2oNzTy4ocDSMnmLoQu6f/isnfV3ZdEW8 K3WzjzXL/1sADyKWOP2b =B3EN -----END PGP SIGNATURE----- Changes: pyjwt (0.2.1-1+deb8u1) jessie-security; urgency=medium * debian/patches/01_not-use-asymmetric-keys-as-HMAC.patch - Add a check so that asymmetric keys cannot be used as HMAC secrets. See for more details: https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/ (Closes: #781640) -- Daniele Tricoli <[email protected]> Fri, 05 Jun 2015 03:25:03 +0200
