- Issued:
- 2019-05-08
- Updated:
- 2019-05-08
RHEA-2019:1040 - nimbus-jose-jwt bug fix and enhancement update
Synopsis
nimbus-jose-jwt bug fix and enhancement update
Type/Severity
Product Enhancement Advisory None
Topic
This content is not included.https://errata.devel.redhat.com/docs/show/36326
Description
This library implements the Javascript Object Signing and Encryption (JOSE) and JSON Web Token (JWT) specs, providing comprehensive yet easy to use security for:
- Signing and encrypting tokens, such as bearer access tokens in OAuth 2.0 and OpenID
- Connect identity tokens;
- Security event tokens;
- Self-contained API keys, with optional revocation;
- Stateless sessions;
- Protecting arbitrary content and messages;
- Authenticating clients and web API requests.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2974891
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Virtualization Manager | 4.3 | x86_64 |
Updated Packages
- nimbus-jose-jwt-5.12-3.el7ev.noarch.rpm
- nimbus-jose-jwt-5.12-3.el7ev.src.rpm
- nimbus-jose-jwt-javadoc-5.12-3.el7ev.noarch.rpm
Fixes
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.