Security update for python3-PyJWT
This update for python3-PyJWT fixes the following vulnerabilty:
* CVE-2017-11424: Insufficient filtering of PEM encoding public keys allowed for creation of JWTs from scratch (boo#1054106, with duplicate CVE-2017-12880)
-
Submitted by
Jan Matejek (matejcik)
Fixed bugs
bnc#1054106
VUL-0: CVE-2017-12880: python-PyJWT: In PyJWT 1.5.0 and below the 'invalid_strings' check in'HMACAlgorithm.prepare_key' does not account for all PEM encoded public keys.Specifically, the PKCS1 PEM encoded format would be allowed because i
