[ubuntu/bionic-proposed] paramiko 2.0.0-1ubuntu1 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Thu Mar 22 17:52:18 UTC 2018 

paramiko (2.0.0-1ubuntu1) bionic; urgency=medium

  [Steve Beattie]
  * SECURITY UPDATE: customized clients can skip auth
    - 0004-Fixes-CVE-2018-7750-1175.patch: send message failure if not
      authenticated and message type is a service request
    - 0002-Allow-overriding-test-client-connect-kwargs-in-Trans.patch,
      0003-Initial-tests-proving-CVE-2018-7750-1175.patch:
      add testcases plus prereq
    - CVE-2018-7750

  [ Fabien Tassin ]
  * SECURITY UPDATE: weak diffie-hellman-group1-sha1 kex always preferred (LP: #1728607)
    - 0010-git-c1233679c44-change-order-of-preferred-kex-and-hmac-algorithms.patch
    - 0011-git-b395444062e-Reorder-cipher-and-key-preferences-to-make-more-sense.patch
    Backport of the upstream changes from 2.3.1, matching the OpenSSH 7
    deprecation of diffie-hellman-group1-sha1 (http://www.openssh.com/legacy.html).
    This patch doesn't remove the support of diffie-hellman-group1-sha1 but
    makes it the least preferred kex for backward compatibility

Date: Fri, 16 Mar 2018 15:44:26 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/paramiko/2.0.0-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 16 Mar 2018 15:44:26 -0700
Source: paramiko
Binary: paramiko-doc python-paramiko python3-paramiko
Architecture: source
Version: 2.0.0-1ubuntu1
Distribution: bionic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description:
 paramiko-doc - Make ssh v2 connections with Python (Documentation)
 python-paramiko - Make ssh v2 connections (Python 2)
 python3-paramiko - Make ssh v2 connections (Python 3)
Launchpad-Bugs-Fixed: 1728607
Changes:
 paramiko (2.0.0-1ubuntu1) bionic; urgency=medium
 .
   [Steve Beattie]
   * SECURITY UPDATE: customized clients can skip auth
     - 0004-Fixes-CVE-2018-7750-1175.patch: send message failure if not
       authenticated and message type is a service request
     - 0002-Allow-overriding-test-client-connect-kwargs-in-Trans.patch,
       0003-Initial-tests-proving-CVE-2018-7750-1175.patch:
       add testcases plus prereq
     - CVE-2018-7750
 .
   [ Fabien Tassin ]
   * SECURITY UPDATE: weak diffie-hellman-group1-sha1 kex always preferred (LP: #1728607)
     - 0010-git-c1233679c44-change-order-of-preferred-kex-and-hmac-algorithms.patch
     - 0011-git-b395444062e-Reorder-cipher-and-key-preferences-to-make-more-sense.patch
     Backport of the upstream changes from 2.3.1, matching the OpenSSH 7
     deprecation of diffie-hellman-group1-sha1 (http://www.openssh.com/legacy.html).
     This patch doesn't remove the support of diffie-hellman-group1-sha1 but
     makes it the least preferred kex for backward compatibility
Checksums-Sha1:
 e7051f1e6041b8ead6c55ea5ad4e15bd2fa30053 2395 paramiko_2.0.0-1ubuntu1.dsc
 7f7eb64c5e9435b813f7dcb9f171aad86df01442 9980 paramiko_2.0.0-1ubuntu1.debian.tar.xz
 d37b5661770922eb562926c1ee92bfe957adb2ba 8270 paramiko_2.0.0-1ubuntu1_source.buildinfo
Checksums-Sha256:
 9a89b8a4c5cf29f3cc4848209208b616c682f5b6c073e7d2b973873a53710644 2395 paramiko_2.0.0-1ubuntu1.dsc
 d34a1a873d161795364e3eb16811b9ee09398b98a05b37063703404b3b1ef4f7 9980 paramiko_2.0.0-1ubuntu1.debian.tar.xz
 9689b039b1bcfd65d1f16a2c133a7672e3b5627957a936934de888f36f427e5a 8270 paramiko_2.0.0-1ubuntu1_source.buildinfo
Files:
 0c56662f4ffbe375a5eccb779c9843c8 2395 python optional paramiko_2.0.0-1ubuntu1.dsc
 a4cad071aacf0436d99886aad8b55e57 9980 python optional paramiko_2.0.0-1ubuntu1.debian.tar.xz
 2d02d967ba858c9b2f396e9a8a255c20 8270 python optional paramiko_2.0.0-1ubuntu1_source.buildinfo
Original-Maintainer: Jeremy T. Bouse <jbouse at debian.org>

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJas+xRAAoJEGVp2FWnRL6TsKEP/jPSBzKy6q1scvhVQJCd9kI2
xx1jJ0ALRwyYPg9WZp90FNA9iH/UhhdEJOaBZuvfUGfccbYZQALxeN0Goj9/sXzO
FT8gCvrvmEKqp1S81OsI2T3f4NsHtsgxDMZ7OebMOoVqe0gOuy7WLKE6xSpM4E6H
i9WYp32REeV8UcQbrKa83CqafXL9HKYTz0q8DWPRCWMpR2vSIaEmiqKP17FIPEY+
0Ji7XAPRPcufssE8rFAJ2ZKJffxI3syK7b/o7BWZGthmwIlRKVzD74C3pvMnS6wN
PhcKI+q076qz1z2l20vcWXCpyNUUP065ejxfzU44QGbcCWI2Y0qAKsmGsFCwl6W/
D4YHe+bT8e4KeU9hlfs8Bl+yk7JJ4kVaqVizQFxx9Jmc4W/rFUCHuMP8hYn6ETcZ
BGsBbnVrgzE0HWILdCQbap+favdBAogojdobWZ10G6dcfL8RNieF/XZRrH9cOCSS
A2nBxD6b8YPL21+xSewk0t5JOlYLX+rNmTG0uRVyCOu0DS3YLdzSQwpKIPiYDNLN
WhR314LLDt9i6ki7JIWJ6VaeKRMnmNeXFdULrEiGxvKCz0Wdt5+aVt3zva9P8rkE
Obje9hlpDSemILiMHkVp6d4XQkPEi98CmxH20W9VOa2IU3esOBPP+TURFfXfMMSq
w9745iI1Y8meHqiag7e2
=bK5N
-----END PGP SIGNATURE-----

More information about the Bionic-changes mailing list