This bug was fixed in the package pyjwt - 2.12.1-1
---------------
pyjwt (2.12.1-1) unstable; urgency=medium
* Team upload
* [8f6e5f6] New upstream version 2.12.1
Fixed CVE issues in upstream version 2.12.0
CVE-2026-32597 PyJWT accepts unknown `crit` header extensions
(RFC 7515 ยง4.1.11 MUST violation)
(Closes: #1130662)
* [2fbe924] d/control: Bump Standards-Version to 4.7.4
No further changes needed.
-- Carsten Schoenert <[email protected]> Sat, 25 Apr 2026
18:08:05 +0200
pyjwt (2.11.0-2) unstable; urgency=medium
* Team upload
* New upstream version 2.11.0
* Rebuild patch queue from patch-queue branch
Added patch:
docs-index.rst-Use-a-local-graphic-instead-of-sidelinking.patch
Updated patch:
docs-Use-packaged-intersphinx-resources.patch
* d/_static: Add the logo as local resource
* d/python-jwt-doc.install: Install local data from _static
* d/control: Add python-cryptography-doc to B-D
* d/watch: Convert to version 5
* d/copyright: Update year data
-- Carsten Schoenert <[email protected]> Sat, 21 Feb 2026
09:57:04 +0200
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2154101
Title:
Merge pyjwt from Debian for stonking cycle
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pyjwt/+bug/2154101/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
