Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted libjwt3 3.3.3-1 (source) into unstable
Date: Mon, 18 May 2026 21:48:46 +0000
Signed by: Nicolas Mora <babelouest@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 04 May 2026 10:13:19 -0400
Source: libjwt3
Architecture: source
Version: 3.3.3-1
Distribution: unstable
Urgency: medium
Maintainer: Benjamin Collins <bcollins@libjwt.io>
Changed-By: Benjamin Collins <bcollins@libjwt.io>
Changes:
 libjwt3 (3.3.3-1) unstable; urgency=medium
 .
   [Benjamin Collins]
   * New upstream release
   * Security advisory: GHSA-q843-6q5f-w55g
     - Algorithm confusion allows JWT forgery with RSA JWK as empty-key HMAC
     - Fixes: CVE-2026-44699
   [Nicolas Mora <nicolas@babelouest.org>]
   * Update Standards-Version to 4.7.4
   * Remove debian/libjwt14-doc.lintian-overrides
   * Remove Priority and Rules-Requires-Root in d/control which are useless
     in 4.7.4
Checksums-Sha1:
 b10b7932a078a0253ce885f318cbbc60ae0f3031 2253 libjwt3_3.3.3-1.dsc
 aa0c6270bba75e13d8e8a12f46a9d3d4ea45894c 606701 libjwt3_3.3.3.orig.tar.gz
 f6e66121e3548e55dc9b43c36545f5406303da5b 5500 libjwt3_3.3.3-1.debian.tar.xz
 31292d0321ea31e848bc1055ac1ce1d5fbbccd95 11341 libjwt3_3.3.3-1_amd64.buildinfo
Checksums-Sha256:
 d5ff99a33f07c4cc8033ec2c29679e3238f6b9dde6ebcb230ea335fa7b65f58c 2253 libjwt3_3.3.3-1.dsc
 a562e5548a8e10ac6fcba64a5e6d326c15712211cb54d25242c15e8b3250b4f2 606701 libjwt3_3.3.3.orig.tar.gz
 b69e2fa569b6213164f692e01968b96e0c2d6a67e1f51fba3e56eaebf3e7f021 5500 libjwt3_3.3.3-1.debian.tar.xz
 1afb1c737f1b225afb158b4b26d8438b1418c6247ed74947e7f3ca221bc1a859 11341 libjwt3_3.3.3-1_amd64.buildinfo
Files:
 236e0777800cb1fad71f73cb57cfc739 2253 devel optional libjwt3_3.3.3-1.dsc
 ad40f0b2f073ab84b43784873849f70e 606701 devel optional libjwt3_3.3.3.orig.tar.gz
 7a90757b18f9d2528851b0ff41b01326 5500 devel optional libjwt3_3.3.3-1.debian.tar.xz
 a3a747213b0378527cb08b6839279c32 11341 devel optional libjwt3_3.3.3-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEhAWwL8wo75dEyPJT/oITlEC9IrkFAmoLhpkACgkQ/oITlEC9
IrkKFw//dxuww6+gykrJNFi7jgPOWSbHl9gpyIjXvoC3fP6cmDTh1D7wA6flZ8+0
BNz8AwSepsO6SHCvJ1d+E1wpyXrzDKJ5qwmcgETl0Jjzol1FcLSFLsTo/bgCbw9x
bBU83FYvY7s9tT4U1K13GI5Zy3OKYLelnJng9T7lxMySWYvhJAqnbf9H4YKVXO5G
YTTOkEXI2oEG5dbVllPagaV4bmgQZZ040sBycGUiC81pWEadXdx3z01cRLgq3Lbs
EVfwBtzGqyMR+A63JRPnD1v7es82P+BSyOT/CS10DjRoxzQOzvVLpA4BWmaWS/wv
CdtSSK0QSdnnKJ1CvyZpp6b8vS2RxvWj3svG3o3swQMWAah/TENV5GfkXTNY2/YQ
GOgqaBPtPND3PFvOhpo5BeG3HSgTG+jAQHHJKWPe7IqFMk7o2DsKth7UlhaCdgtC
pfVlSNjmeczPvOBSN+90KeeWOBfEXBMMf+pVcTNvXhaBdPY+aGRk3pkgNdxcRrQZ
aq7aZEW22W9w4NVFCO7J994b+E9CCzCxiQyJQrna2b8stw3SNYMFc+yxr9uslAfe
WFnrbd7mttZAbg8/OBlGiOmq5gi/8Tp/b6yUw8zFhW/K/QZs4YHLllBUh0c1yMp1
njy9VKEit/v5CeRR9S9MPC3cI0M6wadT8+r0+/TRY+8jOLteJvo=
=lZX9
-----END PGP SIGNATURE-----

News for package libjwt3