ELBA-2026-61728
- ULN >
- Oracle Linux Errata repository >
- ELBA-2026-61728
ELBA-2026-61728 - scitokens-cpp Bug Fix update
| Type: | BUG |
| Impact: | NA |
| Release Date: | 2026-02-07 |
Description
[1.3.0-1]
- Add scitokens-generate-jwks CLI for key generation.
- Add environment variable-based configuration on library initialization.
- Add per-issuer lock to prevent multiple concurrent queries against issuers without a known key
- Add negative cache for failed issuer lookups (preventing frequent re-queries)
- Add monitoring API for per-issuer validation statistics
- Add optional background thread for JWKS refresh
- Add keycache load, metadata, and delete APIs
- Revert 'Fix memory leak in rs256_from_coords' by @djw8605
- Add CTest-based integration test with JWKS server and TLS infrastructure
[1.2.0-1]
- Fix segfault if the JSON parser cannot parse the JWKS
- Fix float time claims issue and improve error handling
- Fix security issue with malicious issuer handling in error messages
- Improve JWTVerificationException message to include the invalid issuer
- Update usage on verify command to make the TOKENFILE explicit
- Read token for scitokens-verify from stdin
- Set CURLOPT_NOSIGNAL option in SimpleCurlGet to prevent signal interruptions
- Adding asan value to the job name
- Turn off building unit tests by default.
- Add cmake option SCITOKENS_WITH_ASAN which enables memory checking with the address sanitizer. Also enable this in CI, so that tests fail if they hit a memory leak or other memory problem.
- Fix memory leak in store_public_ec_key
- Fix memory leaks in the unit tests
- Fix memory leak in rs256_from_coords
- Fix memory leak in scitokens_verify
[1.1.3-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 10 (aarch64) | scitokens-cpp-1.3.0-1.el10_1.src.rpm | 0b9d3bfc5966a2d596a468addf50393f1646d4ca7e7769c213f441bb273428e9 | - | ol10_aarch64_u1_developer_EPEL |
| scitokens-cpp-1.3.0-1.el10_1.aarch64.rpm | 5c796327e1fce7c46f812e5176db7d6a5f67f59685b72804140a1ce45f5d3b5f | - | ol10_aarch64_u1_developer_EPEL | |
| scitokens-cpp-devel-1.3.0-1.el10_1.aarch64.rpm | 1bdafb3cefd713e58d20958eca2e24241dad86e319ed4c2e36d6a9a6f614d141 | - | ol10_aarch64_u1_developer_EPEL | |
| Oracle Linux 10 (x86_64) | scitokens-cpp-1.3.0-1.el10_1.src.rpm | 0b9d3bfc5966a2d596a468addf50393f1646d4ca7e7769c213f441bb273428e9 | - | ol10_x86_64_u1_developer_EPEL |
| scitokens-cpp-1.3.0-1.el10_1.x86_64.rpm | 7352ed62c5c507f810144e603f2b2924ea80f1b1741c55a67319f309020b1d00 | - | ol10_x86_64_u1_developer_EPEL | |
| scitokens-cpp-devel-1.3.0-1.el10_1.x86_64.rpm | c36b3dc8caf3cfba6672541a10f11f18afdb0bc0e0e7147f790ab85a829d712d | - | ol10_x86_64_u1_developer_EPEL | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
