File rubygem-json-jwt.changes of Package rubygem-json-jwt

-------------------------------------------------------------------
Fri Jan 18 08:11:35 UTC 2019 - Maximilian Meister <mmeister@suse.com>

- updated to version 1.9.4
  
  The json-jwt rubygem version >= 0.5.0 && < 1.9.4 contains a CWE-347:
  Improper Verification of Cryptographic Signature vulnerability in
  Decryption of AES-GCM encrypted JSON Web Tokens that can result in
  Attacker can forge a authentication tag. This attack appear to be
  exploitable via network connectivity. This vulnerability appears
  to have been fixed in 1.9.4 and later.
  
  More details here:
  https://nvd.nist.gov/vuln/detail/CVE-2018-1000539

  bsc#1121166

-------------------------------------------------------------------
Fri Dec  8 08:49:19 UTC 2017 - mmeister@suse.com

- updated to version 1.8.3
  no changelog found

-------------------------------------------------------------------
Sun Dec  3 19:23:35 UTC 2017 - coolo@suse.com

- updated to version 1.8.0
  no changelog found

-------------------------------------------------------------------
Fri Sep 22 07:18:11 UTC 2017 - mmeister@suse.com

- Initial packaging of version 1.7.2

Places

File rubygem-json-jwt.changes of Package rubygem-json-jwt

Places