Changelog for ruby2.4-rubygem-json-jwt-1.9.4-1.2.x86_64.rpm :

* Fri Jan 18 2019 Maximilian Meister - updated to version 1.9.4 The json-jwt rubygem version >= 0.5.0 && < 1.9.4 contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability in Decryption of AES-GCM encrypted JSON Web Tokens that can result in Attacker can forge a authentication tag. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 1.9.4 and later. More details here: https://nvd.nist.gov/vuln/detail/CVE-2018-1000539 bsc#1121166
* Fri Dec 08 2017 mmeisterAATTsuse.com- updated to version 1.8.3 no changelog found
* Sun Dec 03 2017 cooloAATTsuse.com- updated to version 1.8.0 no changelog found
* Fri Sep 22 2017 mmeisterAATTsuse.com- Initial packaging of version 1.7.2