-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 23 Jun 2026 17:17:46 +0300 Source: python-jwcrypto Architecture: source Version: 1.5.6-1.1 Distribution: unstable Urgency: medium Maintainer: Debian FreeIPA Team <pkg-freeipa-devel@alioth-lists.debian.net> Changed-By: Adrian Bunk <bunk@debian.org> Closes: 1133006 Changes: python-jwcrypto (1.5.6-1.1) unstable; urgency=medium . * Non-maintainer upload. * CVE-2026-39373: JWT bomb Attack in deserialize (Closes: #1133006) Checksums-Sha1: f76f631cbc0704db793c13a765ff1285c47b5df5 2126 python-jwcrypto_1.5.6-1.1.dsc bc2a60b3a2685a2edabf608e85067703cff0cee8 4628 python-jwcrypto_1.5.6-1.1.debian.tar.xz Checksums-Sha256: 7b15656b20961c7c61fecc8cf70e8e777b7ea5a5c3aa3dc274f7074fbc089db6 2126 python-jwcrypto_1.5.6-1.1.dsc 132c218914d1e44cd316887dc39820a1c4178b8903cc226a4e0967f765c5b1e1 4628 python-jwcrypto_1.5.6-1.1.debian.tar.xz Files: 2203011c61a334108e8f3f7721fe2aef 2126 python optional python-jwcrypto_1.5.6-1.1.dsc 83e6a54ce23ae6bd150bda2deba033fb 4628 python optional python-jwcrypto_1.5.6-1.1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmo6mi8ACgkQiNJCh6LY mLGGVg//elZ9uML3HAIrgUiJmAis8YAci7IlPi+JQWa/I2CeEk2EtZj0YMO2V1ji URCoRF0mqyqCxmm3GmyAgB0Y27fmacuL1YF4I4r1chs614HaPhRAG9cT59xRgGVE FB/wcagsGNliucKM1B/KH4El3Gaq4RK8lcre4SjZrvaqL4wRX+1PWjHqORc4KaHs BWQ4F8oj4qKlzzWWDfeRx74wcSVYL1ei2hw7bZIX8ih4etF4B3NPteRQB9wPMrY3 d0MBXF2AMmrZSkP0i7kdieZt9uh7+pARMCaCKqS35sPizTklAs0fo1464iekqloq JDmUqgsm0JFJx+G+1Efy7KCuqeL9lkfOUKVma7jNiSP7jAQ40/vIMB5F1vGaWC+g k62HB1jsmRoYjsyLBWF1Vemf8at22j4PXQDjuFwpyqacdGW+NpEXmTAMc3X74LPX ZxBD3+3/zwbXnKpoBK7sf1m9zYUKou47H6jEm5gAtNxrwKBkhEGw6cWktwU7w/Sr SKrJrBqSfSLZYTR6e4Nv/HCeSLJaf0vkIwZfJPXVyvpeqkCyUc7lIQsw9oAfs9oZ Pg1qUKyfjFsaoRJPsJRizcm+blv6AHgUPF5r+Y+jownIINml5J42cJ2uOlx3S+82 CZEXMDYcfCgupLr9se93dMm7g/qbJqsBC1xKulpM5VM15XZyVzY= =gYW1 -----END PGP SIGNATURE-----
