-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-2e9c58d661 2024-06-20 08:00:46.156458 --------------------------------------------------------------------------------
Name : python-authlib Product : Fedora 39 Version : 1.3.1 Release : 1.fc39 URL : https://github.com/lepture/authlib Summary : Build OAuth and OpenID Connect servers in Python Description : Python library for building OAuth and OpenID Connect servers. JWS, JWK, JWA, JWT are included.
-------------------------------------------------------------------------------- Update Information:
Update to v1.3.1 (CVE-2024-37568) -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 11 2024 Kai A. Hiller V02460@gmail.com - 1.3.1-1 - Update to v1.3.1 (CVE-2024-37568) * Fri Jun 7 2024 Python Maint python-maint@redhat.com - 1.3.0-5 - Bootstrap for Python 3.13 * Tue Apr 23 2024 Miro Hron��ok miro@hroncok.cz - 1.3.0-4 - Convert the --without check bcond to --without tests - Limit test deps when not running them - Run import check even when not running tests * Fri Jan 26 2024 Fedora Release Engineering releng@fedoraproject.org - 1.3.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering releng@fedoraproject.org - 1.3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Jan 10 2024 Kai A. Hiller V02460@gmail.com - 1.3.0-1 - Update to v1.3.0 * Wed Jan 10 2024 Kai A. Hiller V02460@gmail.com - 1.2.1-7 - Add %bcond_without check * Wed Jan 10 2024 Kai A. Hiller V02460@gmail.com - 1.2.1-6 - Remove unused %global define * Wed Jan 10 2024 Kai A. Hiller V02460@gmail.com - 1.2.1-5 - Inline %{srcname} * Wed Jan 10 2024 Kai A. Hiller V02460@gmail.com - 1.2.1-4 - Fix spec file section formatting * Sun Aug 20 2023 Kai A. Hiller V02460@gmail.com - 1.2.1-3 - SPDX migration -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2291129 - CVE-2024-37568 python-authlib: Algorithm confusion when verifying JSON Web Tokens with asymmetric public keys https://bugzilla.redhat.com/show_bug.cgi?id=2291129 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-2e9c58d661' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------