Package python3-paramiko-3.5.0-1.el10_0.noarch
| Name | python3-paramiko |
|---|---|
| Epoch | 0 |
| Version | 3.5.0 |
| Release | 1.el10_0 |
| Architecture | noarch |
| Website/URL | https://github.com/paramiko/paramiko |
| License | LGPL-2.1-or-later |
| Build Time | 2025-01-10 21:13:16 |
| Build Host | builder-arm64-1.inferitos.ru |
| Summary | SSH2 protocol library for python |
| Repositories | Extras |
| Description | Paramiko (a combination of the Esperanto words for "paranoid" and "friend") is a module for python 2.3 or greater that implements the SSH2 protocol for secure (encrypted and authenticated) connections to remote machines. Unlike SSL (aka TLS), the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. You may know SSH2 as the protocol that replaced telnet and rsh for secure access to remote shells, but the protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel (this is how sftp works, for example). Python 3 version. |
| Errata | — |
| Size | 412 KiB |
| Source Project | python-paramiko-3.5.0-1.el10_0 |
| SHA-256 checksum | 26ce278e89b00714939dc8db3a3cfe97e773b79f53b53e9b30dbb2ec8a17eeb0 |
×
![Full screenshot]()
* Fri Jan 10 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 3.5.0-1
- Rebuilt for MSVSphere 10
* Mon Sep 16 2024 Paul Howarth <paul@city-fan.org> - 3.5.0-1
- Update to 3.5.0 (rhbz#2312503)
- Add support for AES-GCM encryption ciphers (128 and 256 bit variants)
(GH#982, GH#2157, GH#2444, rhbz#2311855); this functionality has been
tested in client mode against OpenSSH 9.0, 9.2 and 9.6, as well as against
a number of proprietary appliance SSH servers
- Check for 'None' transport members inside '~paramiko.channel.Channel' when
closing the channel; this likely doesn't come up much in the real world,
but was causing warnings in the test suite
* Mon Aug 12 2024 Paul Howarth <paul@city-fan.org> - 3.4.1-1
- Update to 3.4.1
- Massage our import of the TripleDES cipher to support Cryptography ≥ 43;
this should prevent 'CryptographyDeprecationWarning' from appearing upon
import (GH#2419, GH#2421)
- Modify a test-harness skiptest check to work with newer versions of
Cryptography (GH#2420)
- Fix a 64-bit-ism in the test suite so the tests don't encounter a false
negative on 32-bit systems (GH#2353)
* Mon Jul 22 2024 Paul Howarth <paul@city-fan.org> - 3.4.0-6
- Fix detection of SHA1 signing support
https://github.com/paramiko/paramiko/pull/2420
https://github.com/pyca/cryptography/issues/11332
https://github.com/PyO3/pyo3/issues/3059
- Remove cache Sphinx build folder ".doctrees"
* Fri Jul 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.4.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Sat Jun 08 2024 Python Maint <python-maint@redhat.com> - 3.4.0-4
- Rebuilt for Python 3.13
* Fri Jan 26 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.4.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.4.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Tue Dec 19 2023 Gwyn Ciesla <gwync@protonmail.com> - 3.4.0-1
- 3.4.0
- 'Transport' grew a new 'packetizer_class' kwarg for overriding the
packet-handler class used internally (mostly for testing, but advanced
users may find this useful when doing deep hacks)
- Address CVE 2023-48795 (https://terrapin-attack.com/) a.k.a. the "Terrapin
Attack", a vulnerability found in the SSH protocol re: treatment of packet
sequence numbers) as follows:
- The vulnerability only impacts encrypt-then-MAC digest algorithms in
tandem with CBC ciphers, and ChaCha20-poly1305; of these, Paramiko
currently only implements 'hmac-sha2-(256|512)-etm' in tandem with
'AES-CBC'; if you are unable to upgrade to Paramiko versions containing
the below fixes right away, you may instead use the 'disabled_algorithms'
connection option to disable the ETM MACs and/or the CBC ciphers (this
option is present in Paramiko ≥ 2.6)
- As the fix for the vulnerability requires both ends of the connection to
cooperate, the below changes will only take effect when the remote end is
OpenSSH ≥ 9.6 (or equivalent, such as Paramiko in server mode, as of this
patch version) and configured to use the new "strict kex" mode (Paramiko
will always attempt to use "strict kex" mode if offered by the server,
unless you override this by specifying 'strict_kex=False' in
'Transport.__init__')
- Paramiko will now raise an 'SSHException' subclass ('MessageOrderError')
when protocol messages are received in unexpected order; this includes
situations like receiving 'MSG_DEBUG' or 'MSG_IGNORE' during initial key
exchange, which are no longer allowed during strict mode
- Key (re)negotiation -- i.e. 'MSG_NEWKEYS', whenever it is encountered --
now resets packet sequence numbers (this should be invisible to users
during normal operation, only causing exceptions if the exploit is
encountered, which will usually result in, again, 'MessageOrderError')
- Sequence number rollover will now raise 'SSHException' if it occurs
during initial key exchange (regardless of strict mode status)
- Tweak 'ext-info-(c|s)' detection during KEXINIT protocol phase; the
original implementation made assumptions based on an OpenSSH implementation
detail
* Sun Jul 30 2023 Paul Howarth <paul@city-fan.org> - 3.3.1-1
- Update to 3.3.1 (rhbz#2227478)
- Cleaned up some very old root level files, mostly just to exercise some of
our doc build and release machinery