| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| 3.4.10 source code.tar.gz | 2026-06-06 | 134.8 kB | |
| 3.4.10 source code.zip | 2026-06-06 | 478.7 kB | |
| README.md | 2026-06-06 | 838 Bytes | |
| Totals: 3 Items | 614.4 kB | 1 | |
Release Notes for 3.4.10
Security patch release.
This release addresses four security issues in the JOSE implementation:
- PBES2-HS*+A*KW — the
p2c(PBKDF2 iteration count) is now bounded (configurable) to prevent a CPU-amplification denial of service. (GHSA-3prj-6hqw-cm82) - ChaCha20-Poly1305 key encryption — the Poly1305 authentication tag is now emitted and verified; tampered tokens are rejected. (GHSA-6vvh-pxr4-25r7)
- RSA1_5 — PKCS#1 v1.5 decryption now uses constant-time implicit rejection, mitigating Bleichenbacher-style padding oracles. (GHSA-5739-39v2-5754)
- JWS — the
algparameter is read only from the integrity-protected header, preventing algorithm-confusion attacks. (GHSA-jc38-x7x8-2xc8)
Note: 3.4.10 ships the fixes; the accompanying test-suite update is included in 3.4.11.