[Deepin Integration]~[v25-Release] fix(golang-github-go-jose-go-jose): CVE-2025-27144, CVE-2026-34986 by deepin-ci-robot@deepin-community/golang-github-go-jose-go-jose by deepin-community-ci-bot[bot]

### Package information | 软件包信息

包名 | 版本
--  | --
golang-github-go-jose-go-jose | [4.0.4-1deepin2](https://github.com/deepin-community/golang-github-go-jose-go-jose/commit/82a7cc5b883e958d23d92630f19d21a99c33d9da)

### Package repository address | 软件包仓库地址

    deb [trusted=yes] https://ci.deepin.com/repo/obs/deepin:/CI:/TestingIntegration:/test-integration-pr-4052/testing/ ./

### Changelog | 更新信息

#### golang-github-go-jose-go-jose (4.0.4-1deepin2) unstable; urgency=medium

  * fix(CVE-2026-34986): prevent panic on KeyUnwrap of empty encrypted
    key  Decrypting a JWE object could panic if the alg field indicates
    a key wrapping algorithm and the encrypted_key field is empty. Add
    length validation in cipher.KeyUnwrap and empty key checks in
    decryptKey.




Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Deepin Integration]~[v25-Release] fix(golang-github-go-jose-go-jose): CVE-2025-27144, CVE-2026-34986 by deepin-ci-robot@deepin-community/golang-github-go-jose-go-jose by deepin-community-ci-bot[bot] #13307

Package information | 软件包信息

Package repository address | 软件包仓库地址

Changelog | 更新信息

golang-github-go-jose-go-jose (4.0.4-1deepin2) unstable; urgency=medium

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

[Deepin Integration]~[v25-Release] fix(golang-github-go-jose-go-jose): CVE-2025-27144, CVE-2026-34986 by deepin-ci-robot@deepin-community/golang-github-go-jose-go-jose by deepin-community-ci-bot[bot] #13307

Description

Package information | 软件包信息

Package repository address | 软件包仓库地址

Changelog | 更新信息

golang-github-go-jose-go-jose (4.0.4-1deepin2) unstable; urgency=medium

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions