lestrrat-go/jwx v1.2.26

[SECURITY] v1.2.26

on GitHub

v1.2.26 - 14 Jun 2023
[Security]
  * Potential Padding Oracle Attack Vulnerability and Timing Attack Vulnerability
    for JWE AES-CBC encrypted payloads affecting all v2 releases up to v2.0.10,
    all v1 releases up to v1.2.25, and all v0 releases up to v0.9.2 have been reported by
    @shogo82148.

    Please note that v0 versions will NOT receive fixes.
    This release fixes these vulnerabilities for the v1 series.