OESA-2024-2444 python-jwcrypto security update

Implements JWK, JWS, JWE specifications with python-cryptography Security Fixes: JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cause a denial of service attack by passing in a malicious JWE Token with a high compression...

Oracle Linux 9 : python-jwcrypto (ELSA-2024-9281)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-9281 advisory. 1.5.6-2 - Disable auto-generation of dependencies Related: RHEL-34809 1.5.6-1 - Rebase to version 1.5.6 Resolve: RHEL-34809 Tenable has extracted the preceding...

python-jwcrypto security update

1.5.6-2 - Disable auto-generation of dependencies Related: RHEL-34809 1.5.6-1 - Rebase to version 1.5.6 Resolve: RHEL-34809...

RHSA-2024:9281 Red Hat Security Advisory: python-jwcrypto security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: python-jwcrypto security update

An update for python-jwcrypto is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

RHEL 9 : python-jwcrypto (RHSA-2024:9281)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9281 advisory. The python-jwcrypto package provides Python implementations of the JSON Web Key JWK, JSON Web Signature JWS, JSON Web Encryption JWE, and JSON Web...

ALSA-2024:9281 Moderate: python-jwcrypto security update

The python-jwcrypto package provides Python implementations of the JSON Web Key JWK, JSON Web Signature JWS, JSON Web Encryption JWE, and JSON Web Token JWT JOSE JSON Object Signing and Encryption standards. Security Fixes: JWCrypto: denail of service Via specifically crafted JWE CVE-2023-6681 Fo...

Moderate: python-jwcrypto security update

The python-jwcrypto package provides Python implementations of the JSON Web Key JWK, JSON Web Signature JWS, JSON Web Encryption JWE, and JSON Web Token JWT JOSE JSON Object Signing and Encryption standards. Security Fixes: JWCrypto: denail of service Via specifically crafted JWE CVE-2023-6681 Fo...

Advisory ROSA-SA-2024-2498

Software: python-jwcrypto 0.5.0 OS: ROSA Virtualization 2.1 packageevrstring: python-jwcrypto-0.5.0-2.rv3 CVE-ID: CVE-2024-28102 BDU-ID: 2024-01978 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the deserialize JavaScript library function for Jwcrypto is associated with uncontrolled resource...

RHSA-2024:2559 Red Hat Security Advisory: python-jwcrypto security update

Bulletin has no description...

Debian: Security Advisory (DLA-3883-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3883-1] python-jwcrypto security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3883-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb September 09, 2024 https://wiki.debian.org/LTS -...

Debian dla-3883 : python3-jwcrypto - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-3883 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3883-1 [email protected] https://www.debian.org/lts/security/...

DLA-3883-1 python-jwcrypto - security update

Bulletin has no description...

RLSA-2024:3267 Moderate: idm:DL1 and idm:client security update

Rocky Enterprise Software Foundation Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: JWCrypto: denail of service Via specifically crafted JWE CVE-2023-6681...

idm:DL1 and idm:client security update

An update is available for custodia, module.custodia, pyusb, python-qrcode, module.slapi-nis, module.pyusb, module.softhsm, python-jwcrypto, python-kdcproxy, module.opendnssec, module.python-kdcproxy, module.ipa, ipa-healthcheck, softhsm, module.python-jwcrypto, ipa, opendnssec, python-yubico,...

idm:DL1 security update

bind-dyndb-ldap custodia ipa 4.9.13-10.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.13-10 - kdb: apply combinatorial logic for ticket flags CVE-2024-3183 Resolves: RHEL-29927 - kdb: fix vulnerability in GCD rules handling CVE-2024-2698 Resolves: RHEL-29692...

Oracle Linux 8 : idm:DL1 / and / idm:client (ELSA-2024-3267)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3267 advisory. bind-dyndb-ldap custodia ipa 4.9.13-9.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 9.4.13-9 - dcerpc: invalidate forest trust...

idm:DL1 and idm:client security update

bind-dyndb-ldap custodia ipa 4.9.13-9.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 9.4.13-9 - dcerpc: invalidate forest trust intfo cache when filtering out realm domains Resolves: RHEL-28559 - Backport latests test fixes in python3-tests ipatests: add xfail for...

Moderate: Red Hat Security Advisory: idm:DL1 and idm:client security update

An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...