From 3dd39214fb108e3677fc289bca8389618d5c9c1b Mon Sep 17 00:00:00 2001
From: Hugo van Kemenade <hugovk@users.noreply.github.com>
Date: Thu, 13 Oct 2022 14:39:17 +0200
Subject: [PATCH] Require pyjwt>=2.4.0 to avoid CVE-2022-29217

---
 requirements.txt | 2 +-
 setup.py         | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index ae9478587a..bc82296fc8 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,6 +1,6 @@
 pynacl>=1.4.0
 requests>=2.14.0
-pyjwt>=2.0
+pyjwt>=2.4.0
 sphinx<3
 Jinja2<3.1
 sphinx-rtd-theme<1.1
diff --git a/setup.py b/setup.py
index acd8c328c0..bd22abb837 100755
--- a/setup.py
+++ b/setup.py
@@ -106,7 +106,7 @@
         python_requires=">=3.7",
         install_requires=[
             "deprecated",
-            "pyjwt>=2.0",
+            "pyjwt>=2.4.0",
             "pynacl>=1.4.0",
             "requests>=2.14.0",
         ],