Add changelog for #4035
This commit is contained in:
1
changelog/4035.security.md
Normal file
1
changelog/4035.security.md
Normal file
@@ -0,0 +1 @@
|
||||
- Bumped PyJWT minimum version from 2.10.1 to 2.12.0 in the `livekit` extra to address CVE-2026-32597 (GHSA-752w-5fwx-jx9f), where PyJWT <= 2.11.0 accepted unknown `crit` header extensions.
|
||||
Reference in New Issue
Block a user