|
|
|
|
Changelog for python3-paramiko-2.7.1-2.fc32.noarch.rpm :
* Thu Jan 30 2020 Fedora Release Engineering - 2.7.1-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Wed Dec 11 2019 Paul Howarth - 2.7.1-1- Update to 2.7.1 - The new-style private key format (added in 2.7.0) suffered from an unpadding bug that had been fixed earlier for Ed25519 (as that key type has always used the newer format); that fix has been refactored and applied to the base key class (GH#1567) - Fix a bug in support for ECDSA keys under the newly-supported OpenSSH key format (GH#1565, GH#1566) * Wed Dec 04 2019 Paul Howarth - 2.7.0-1- Update to 2.7.0 - Implement support for OpenSSH 6.5-style private key files (typically denoted as having \'BEGIN OPENSSH PRIVATE KEY\' headers instead of PEM format\'s \'BEGIN RSA PRIVATE KEY\' or similar); if you were getting any sort of weird auth error from \"modern\" keys generated on newer operating system releases (such as macOS Mojave), this is the first update to try (GH#602, GH#618, GH#1313, GH#1343) - Token expansion in \'ssh_config\' used a different method of determining the local username (\'$USER\' environment variable), compared to what the (much older) client connection code does (\'getpass.getuser\', which includes \'$USER\' but may check other variables first, and is generally much more comprehensive); both modules now use \'getpass.getuser\' - A couple of outright \'~paramiko.config.SSHConfig\' parse errors were previously represented as vanilla \'Exception\' instances; as part of recent feature work a more specific exception class, \'~paramiko.ssh_exception.ConfigParseError\', has been created; it is now also used in those older spots, which is naturally backwards compatible - Implement support for the \'Match\' keyword in \'ssh_config\' files; previously, this keyword was simply ignored and keywords inside such blocks were treated as if they were part of the previous block (GH#717) - Note: this feature adds a new optional install dependency \'Invoke\' (https://www.pyinvoke.org), for managing \'Match exec\' subprocesses - Additional installation \'extras_require\' \"flavors\" (\'ed25519\', \'invoke\', and \'all\') have been added to our packaging metadata - Paramiko\'s use of \'subprocess\' for \'ProxyCommand\' support is conditionally imported to prevent issues on limited interpreter platforms like Google Compute Engine; however, any resulting \'ImportError\' was lost instead of preserved for raising (in the rare cases where a user tried leveraging \'ProxyCommand\' in such an environment); this has been fixed - Perform deduplication of \'IdentityFile\' contents during \'ssh_config\' parsing; previously, if your config would result in the same value being encountered more than once, \'IdentityFile\' would contain that many copies of the same string - Implement most \'canonical hostname\' \'ssh_config\' functionality (\'CanonicalizeHostname\', \'CanonicalDomains\', \'CanonicalizeFallbackLocal\', and \'CanonicalizeMaxDots\'; \'CanonicalizePermittedCNAMEs\' has *not * yet been implemented) - all were previously silently ignored (GH#897) - Explicitly document which ssh_config features we currently support; previously users just had to guess, which is simply no good - Add new convenience classmethod constructors to \'~paramiko.config.SSHConfig\': \'~paramiko.config.SSHConfig.from_text\', \'~paramiko.config.SSHConfig.from_file\', and \'~paramiko.config.SSHConfig.from_path\'; no more annoying two-step process!- Add Recommends: of python3-invoke and python3-pyasn1 for optional functionality * Sun Oct 06 2019 Othman Madjoudj - 2.6.0-5- Drop python2 subpackage since it\'s eol-ed * Thu Oct 03 2019 Miro Hrončok - 2.6.0-4- Rebuilt for Python 3.8.0rc1 (#1748018) * Mon Aug 19 2019 Miro Hrončok - 2.6.0-3- Rebuilt for Python 3.8 * Fri Jul 26 2019 Fedora Release Engineering - 2.6.0-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Thu Jun 27 2019 Paul Howarth - 2.6.0-1- Update to 2.6.0 - Add a new keyword argument to \'SSHClient.connect\' and \'~paramiko.transport.Transport\', \'disabled_algorithms\', which allows selectively disabling one or more kex/key/cipher/etc algorithms; this can be useful when disabling algorithms your target server (or client) does not support cleanly, or to work around unpatched bugs in Paramiko\'s own implementation thereof (GH#1463) - Tweak many exception classes so their string representations are more human-friendly; this also includes incidental changes to some \'super()\' calls (GH#1440, GH#1460) - Add backwards-compatible support for the \'gssapi\' GSSAPI library, as the previous backend (\'python-gssapi\') has become defunct (GH#584, GH#1166, GH#1311) - \'SSHClient.exec_command\' now returns a new subclass, \'~paramiko.channel.ChannelStdinFile\', rather than a naïve \'~paramiko.channel.ChannelFile\' object for its \'stdin\' value, which fixes issues such as hangs when running remote commands that read from stdin (GH#322)- Drop gssapi patch as it\'s no longer needed- Drop pytest-relaxed patch as it\'s no longer needed * Thu Jun 27 2019 Paul Howarth - 2.5.1-1- Update to 2.5.1 - Fix Ed25519 key handling so certain key comment lengths don\'t cause \'SSHException(\"Invalid key\")\' (GH#1306, GH#1400) * Mon Jun 10 2019 Paul Howarth - 2.5.0-1- Update to 2.5.0 - Add support for encrypt-then-MAC (ETM) schemes and two newer Diffie-Hellman group key exchange algorithms (\'group14\', using SHA256; and \'group16\', using SHA512) - Add support for Curve25519 key exchange - Raise Cryptography dependency requirement to version 2.5 (from 1.5) and update some deprecated uses of its API - Add support for the modern (as of Python 3.3) import location of \'MutableMapping\' (used in host key management) to avoid the old location becoming deprecated in Python 3.8- Drop hard dependency on pyasn1 as it\'s only needed for optional GSSAPI functionality * Sat Feb 02 2019 Fedora Release Engineering - 2.4.2-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Tue Oct 09 2018 Paul Howarth - 2.4.2-1- Update to 2.4.2 - Fix exploit (GH#1283, CVE-2018-1000805) in Paramiko’s server mode (not client mode) where hostile clients could trick the server into thinking they were authenticated without actually submitting valid authentication - Modify protocol message handling such that Transport does not respond to MSG_UNIMPLEMENTED with its own MSG_UNIMPLEMENTED; this behavior probably didn’t cause any outright errors, but it doesn’t seem to conform to the RFCs and could cause (non-infinite) feedback loops in some scenarios (usually those involving Paramiko on both ends) - Add *.pub files to the MANIFEST so distributed source packages contain some necessary test assets (GH#1262)- Test suite now requires mock ≥ 2.0.0 * Sat Jul 14 2018 Fedora Release Engineering - 2.4.1-5- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Jun 20 2018 Miro Hrončok - 2.4.1-4- Rebuilt for Python 3.7- Remove dependency on on pytest-relaxed * Fri Mar 16 2018 Paul Howarth - 2.4.1-1- Update to 2.4.1 - Fix a security flaw (GH#1175, CVE-2018-7750) in Paramiko\'s server mode (this does not impact client use) where authentication status was not checked before processing channel-open and other requests typically only sent after authenticating - Ed25519 auth key decryption raised an unexpected exception when given a unicode password string (typical in python 3) (GH#1039) * Fri Feb 09 2018 Fedora Release Engineering - 2.4.0-3- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
|
|