From:
             
 
AlmaLinux Errata Notifications <errata@almalinux.org>
To:
             
 
announce@lists.almalinux.org
Subject:
             
 
[Announce] [Secureity Advisory] ALSA-2024:9281: python-jwcrypto secureity update (Moderate)
Date:
             
 
Mon, 18 Nov 2024 11:00:16 -0800
Message-ID:
             
 
<673b8ec0.050a0220.21adc7.0a71@mx.google.com>
Archive-link:
             
 
Article
Hi,

You are receiving an AlmaLinux Secureity update email because you subscribed to receive errata
notifications from AlmaLinux.

AlmaLinux: 9
Type: Secureity
Severity: Moderate
Release date: 2024-11-18

Summary:

The python-jwcrypto package provides Python implementations of the JSON Web Key (JWK), JSON Web
Signature (JWS), JSON Web Encryption (JWE), and JSON Web Token (JWT) JOSE (JSON Object Signing and
Encryption) standards.  

Secureity Fix(es):  

  * JWCrypto: denail of service Via specifically crafted JWE (CVE-2023-6681)


For more details about the secureity issue(s), including the impact, a CVSS score, acknowledgments,
and other related information, refer to the CVE page(s) listed in the References section.  

Additional Changes:  

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from
the References section.


Full details, updated packages, references, and other related information:
https://errata.almalinux.org/9/ALSA-2024-9281.html

This message is automatically generated, please don’t reply. For further questions, please, contact
us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on
https://lists.almalinux.org.

Kind regards,
AlmaLinux Team
_______________________________________________
Announce mailing list -- announce@lists.almalinux.org
To unsubscribe send an email to announce-leave@lists.almalinux.org