-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 28 Apr 2026 16:47:59 +0200 Source: pyjwt Binary: python3-jwt Architecture: all Version: 2.6.0-1+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-grnet-03) Changed-By: Jochen Sprickerhof Description: python3-jwt - Python 3 implementation of JSON Web Token Closes: 1130662 Changes: pyjwt (2.6.0-1+deb12u1) bookworm-security; urgency=high . * Team upload. * Fix CVE-2026-32597: PyJWT did not validate the crit (Critical) Header Parameter defined in RFC 7515 ยง4.1.11. When a JWS token contains a crit array listing extensions that PyJWT does not understand, the library accepts the token instead of rejecting it. This violates the MUST requirement in the RFC. (Closes: #1130662) Checksums-Sha1: 524a6f5920fcc572a883919e7f29dce1d77a20bd 7364 pyjwt_2.6.0-1+deb12u1_all-buildd.buildinfo de8c1cb35ca1e21f77182d0c8915e4845c18cd72 27080 python3-jwt_2.6.0-1+deb12u1_all.deb Checksums-Sha256: 52d09b85efa5f7e3770afc3e036c94462ea4830549d5a06e44931812fa77ff09 7364 pyjwt_2.6.0-1+deb12u1_all-buildd.buildinfo c7c434a0b46b2519d117ff26b738526001b9bd7884800bcf5ac64834384f94ef 27080 python3-jwt_2.6.0-1+deb12u1_all.deb Files: 601d839ab3f68a7affb7f61099f560d5 7364 python optional pyjwt_2.6.0-1+deb12u1_all-buildd.buildinfo e93326e895f6680cac567220d7e32a72 27080 python optional python3-jwt_2.6.0-1+deb12u1_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE5ZI1lXv5WjhHIVjsN8Ugyu9dQiQFAmn5f7wACgkQN8Ugyu9d QiT2Xw/+Pkv51VY1FiGPM5xAuOspr76nLdUlhx95t6zHNv3C7AZ/SDt235/Hvj+2 OP0PpPfeuSKmiQxVryjBqCojxqtDUGvZqrhP7T5efpN4XllxG0yB8KGkxqNk+UZL JLl3DTSMqvIrbyuBYEc4myZv7/ObNSWH++CaeWd4aETWsy8NFF5M1cl7xaw/9tFt IcehmjRM9C5IKwWgDnZ6/xmq03ZnEm2phpRlkD1Id/GwzmMZvJgRzWViEP7E6Nqm i0suaqBvLocf0euRSohHdpTk5Zk1Fqa8dgQvN+XlnLwXu4pB+HrjlUvkZVIxz4yJ QJ+TKuac+Z6MbWmsIZF4+2kTad1U5zentFDB4p3Hg+nyyqqAuh7W16+Fr1LcHw/v AdAVWXh+zFAwb9bqMoATdxn/eYaAWO1tKiIjX65OLAanIp0/Goog0bV8L6LjUCR2 lrHg0EQ81sArHmp327j1JJZGKLVQjww/dK/Vwq5DHftTraBGuCofu2YKehDwEkb3 fmkDv3ZtvXgdHiSoKaAwHwZ6Kkda39Cm0d/l3o1dFVUvFmKf/08UbFqdZEvnP/5J fhIxsaWvdWMt3NtMJW3Lrz93TemEz6S+jfjx3SMTxTc1WjkZ0DdIrcX9I2FcqCr5 PHKbVIOqdt6mW3VVPKrOetRc6AY96M6rViVX0h8OfSMJOc2b2+M= =Dshm -----END PGP SIGNATURE-----