ceph-csi/vendor/github.com/go-jose/go-jose/v3/CHANGELOG.md

# v3.0.1

Fixed:
 - Security issue: an attacker specifying a large "p2c" value can cause
   JSONWebEncryption.Decrypt and JSONWebEncryption.DecryptMulti to consume large
   amounts of CPU, causing a DoS. Thanks to Matt Schwager (@mschwager) for the
   disclosure and to Tom Tervoort for originally publishing the category of attack.
   https://i.blackhat.com/BH-US-23/Presentations/US-23-Tervoort-Three-New-Attacks-Against-JSON-Web-Tokens.pdf
rebase: bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.0 to 3.0.1. - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/v3/CHANGELOG.md) - [Commits](https://github.com/go-jose/go-jose/compare/v3.0.0...v3.0.1) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> 2023-11-21 22:21:58 +00:00			`# v3.0.1`

			`Fixed:`
			`- Security issue: an attacker specifying a large "p2c" value can cause`
			`JSONWebEncryption.Decrypt and JSONWebEncryption.DecryptMulti to consume large`
			`amounts of CPU, causing a DoS. Thanks to Matt Schwager (@mschwager) for the`
			`disclosure and to Tom Tervoort for originally publishing the category of attack.`
			`https://i.blackhat.com/BH-US-23/Presentations/US-23-Tervoort-Three-New-Attacks-Against-JSON-Web-Tokens.pdf`