Closed gluefactory closed 7 years ago
Upgraded the Jose4J dependency to 0.5.5. I'm not sure if the dropwizard-auth-jwt offers any JWE capabilities (the main reason to upgrade - see http://blog.intothesymmetry.com/2017/03/critical-vulnerability-in-json-web.html) - so the need to upgrade is less urgent than I thought
Upgraded the Jose4J dependency to 0.5.5. I'm not sure if the dropwizard-auth-jwt offers any JWE capabilities (the main reason to upgrade - see http://blog.intothesymmetry.com/2017/03/critical-vulnerability-in-json-web.html) - so the need to upgrade is less urgent than I thought