SUSE Package Hub - openSUSE-2025-4

Update Info

openSUSE-2025-4

Security update for rubygem-json-jwt

Type: security

Severity: moderate

Issued: 2025-01-07

Description:

This update for rubygem-json-jwt fixes the following issues:

- New upstream release 1.16.6, see bundled CHANGELOG.md

- Remove padding oracle by @btoews in https://github.com/nov/json-jwt/pull/109
- Fixes CVE-2023-51774 boo#1220727

- updated to version 1.11.0
  - no changelog found
  - Fixes CVE-2019-18848 boo#1156649

References

Packages

rubygem-aes_key_wrap-1.1.0-bp155.2.1

rubygem-json-jwt-1.16.6-bp155.3.3.1