particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
debian-forge-composer/vendor/github.com/golang-jwt/jwt/v5/SECURITY.md
Tomáš Hozza 875a50435f go.mod: update jwt-go to v4.5.2 and v5.2.2 to fix CVE-2025-30204 
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
2025-04-22 15:14:03 +02:00

904 B
Raw Blame History

Security Policy

Supported Versions

As of November 2024 (and until this document is updated), the latest version v5 is supported. In critical cases, we might supply back-ported patches for v4.

Reporting a Vulnerability

If you think you found a vulnerability, and even if you are not sure, please report it a GitHub Security Advisory. Please try be explicit, describe steps to reproduce the security issue with code example(s).

You will receive a response within a timely manner. If the issue is confirmed, we will do our best to release a patch as soon as possible given the complexity of the problem.

Public Discussions

Please avoid publicly discussing a potential security vulnerability.

Let's take this offline and find a solution first, this limits the potential impact as much as possible.

We appreciate your help!