Update bundled PyJWT to 2.4.0 for Windows and macOS builds

XMLWordPrintable

    • Type: Task
    • Resolution: Fixed
    • Priority: Normal
    • 2.8
    • Affects Version/s: 2.8.0rc2
    • Component/s: Other
    • None

       
      PyJWT 2.4.0 contains an important security fix, see CVE-2022-29217 in https://pyjwt.readthedocs.io/en/stable/changelog.html#v2-4-0

      Picard is even without this patch not affected by this issue, as it explicitly sets the algorithm. But still good practice to ship a version that fixes this potential issue. Also potentially there could also be a plugin making use of this.

            Assignee:
            Philipp Wolfer
            Reporter:
            Philipp Wolfer
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved:

                Version Package
                2.8