17.04 and 17.10 are not affected since they publish the fixed version 0.3.2. 16.04 appears to be affected, but the code is significantly different. I've requested info from the source project owner to test my proposed patch for 16.04.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1717356 Title: CVE-2016-6298 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/python-jwcrypto/+bug/1717356/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
