Fedora Packages

python3-paramiko-2.4.3-2.el8 in EPEL 8

↵ Return to the main page of python3-paramiko
View build
Search for updates

Package Info
🠗 Changelog
🠗 Dependencies
🠗 Provides
🠗 Files

Changelog

Date Author Change
2022-03-13 Paul Howarth <paul at city dash fan dot org> - 2.4.3-2 - Security fix backported from 2.10.1 - CVE-2022-24302: Creation of new private key files using '~paramiko.pkey.PKey' subclasses was subject to a race condition between file creation and mode modification, which could be exploited by an attacker with knowledge of where the Paramiko-using code would write out such files; this has been patched by using 'os.open' and 'os.fdopen' to ensure new files are opened with the correct mode immediately (we've left the subsequent explicit 'chmod' in place to minimize any possible disruption, though it may get removed in future backwards-incompatible updates)
2019-09-24 Paul Howarth <paul at city dash fan dot org> - 2.4.3-1 - Update to 2.4.3 - Fix Ed25519 key handling so certain key comment lengths don't cause 'SSHException("Invalid key")' (GH#1306, GH#1400) - Add support for the modern (as of Python 3.3) import location of 'MutableMapping' (used in host key management) to avoid the old location becoming deprecated in Python 3.8
2019-09-24 Paul Howarth <paul at city dash fan dot org> - 2.4.2-2 - Drop Python 2 package https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal
2018-10-09 Paul Howarth <paul at city dash fan dot org> - 2.4.2-1 - Update to 2.4.2 - Fix exploit (GH#1283, CVE-2018-1000805) in Paramiko’s server mode (not client mode) where hostile clients could trick the server into thinking they were authenticated without actually submitting valid authentication - Modify protocol message handling such that Transport does not respond to MSG_UNIMPLEMENTED with its own MSG_UNIMPLEMENTED; this behavior probably didn’t cause any outright errors, but it doesn’t seem to conform to the RFCs and could cause (non-infinite) feedback loops in some scenarios (usually those involving Paramiko on both ends) - Add *.pub files to the MANIFEST so distributed source packages contain some necessary test assets (GH#1262) - Test suite now requires mock ≥ 2.0.0
2018-07-14 Fedora Release Engineering <releng at fedoraproject dot org> - 2.4.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
2018-06-20 Miro Hrončok <mhroncok at redhat dot com> - 2.4.1-4 - Rebuilt for Python 3.7 - Remove dependency on on pytest-relaxed
2018-03-16 Paul Howarth <paul at city dash fan dot org> - 2.4.1-1 - Update to 2.4.1 - Fix a security flaw (GH#1175, CVE-2018-7750) in Paramiko's server mode (this does not impact client use) where authentication status was not checked before processing channel-open and other requests typically only sent after authenticating - Ed25519 auth key decryption raised an unexpected exception when given a unicode password string (typical in python 3) (GH#1039)
2018-02-09 Fedora Release Engineering <releng at fedoraproject dot org> - 2.4.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
2017-11-18 Athmane Madjoudj <athmane at fedoraproject dot org> - 2.4.0-2 - Add gssapi patch back since 2.4.0 still not compatible - Add missing BR (lost during merge)
2017-11-17 Igor Gnatenko <ignatenkobrain at fedoraproject dot org> - 2.4.0-1 - Update to 2.4.0

Dependencies

Provides

  • python3-paramiko
  • python3.6dist(paramiko)
  • python3dist(paramiko)

Files


Sources on Pagure