| Release | Version |
|---|---|
| buster | 1.10.1-1 |
| buster (security) | 1.10.1-1+deb10u1 |
| bullseye | 1.10.2-1 |
| bookworm | 1.10.2-1 |
| trixie | 1.17.0-2 |
| sid | 1.17.0-2 |
| Bug | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2024-25189 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | libjwt 1.15.3 uses strcmp (which is not constant time) to verify authe ... |
| DSA / DLA | Description |
|---|---|
| DLA-3739-1 | libjwt - security update |