Cookie-signature is a library for signing cookies.
Versions before 1.0.4 were vulnerable to timing attacks.
Created nodejs-cookie-signature tracking bugs for this issue:
Affects: fedora-all [bug 1371410]
Affects: epel-all [bug 1371411]
*** Bug 1379747 has been marked as a duplicate of this bug. ***