Hotfix/fix pyjwt vulnerability (#23)

chsou · web-flow · commit 736a79f1ac85 · 2022-08-01T17:15:37.000+02:00
* Switched to PyWJT 2.4.0. CVE-2022-29217 As specified in https://nvd.nist.gov/vuln/detail/CVE-2022-29217 PyJWT has a vulnerability fixed with version 2.4.0. * Updated for revision 1.3.1
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # Changelog
 
+## Version 1.3.1
+
+### Changed
+
+* Switched to version 2.4.0 of PyJWT as recommended by https://nvd.nist.gov/vuln/detail/CVE-2022-29217 
+
 ## Version 1.3
 
 ### Changed
diff --git a/requirements.txt b/requirements.txt
@@ -8,7 +8,7 @@ python-dotenv~=0.19.0
 setuptools_scm~=6.2
 invoke~=1.6.0
 pylint~=2.11.1
-PyJWT~=2.3.0
+PyJWT~=2.4.0
 cachetools~=5.0.0
 inputimeout~=1.0.4
-flask~=2.0.2
+flask~=2.0.2
