Accepting request 503627 from devel:languages:python

1

OBS-URL: https://build.opensuse.org/request/show/503627
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-paramiko?expand=0&rev=34

paramiko-2.1.2.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:5fae49bed35e2e3d45c4f7b0db2d38b9ca626312d91119b3991d0ecf8125e310
-size 1196746

paramiko-2.1.3.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:aac8214feacbf54a9f2c5643dbed4a80f804c6e7dfe01db598c17e845395bd8e
+size 1195766

python-paramiko.changes

@@ -1,3 +1,39 @@
+-------------------------------------------------------------------
+Sun Jun 11 16:32:09 UTC 2017 - mimi.vx@gmail.com
+
+- update to 2.1.3
+* Make util.log_to_file append instead of replace.
+* SSHClient and Transport could cause a memory leak if there’s a connection
+	 problem or protocol error, even if Transport.close() is called.
+* Prior support for ecdsa-sha2-nistp(384|521) algorithms didn’t fully extend
+	 to covering host keys, preventing connection to hosts which only offer
+	 these key types and no others. This is now fixed.
+* Prefer newer ecdsa-sha2-nistp keys over RSA and DSA keys during host key
+	 selection. This improves compatibility with OpenSSH, both in terms of general
+	 behavior, and also re: ability to properly leverage OpenSSH-modified
+	 known_hosts files.
+* The RC4/arcfour family of ciphers has been broken since version 2.0; but since
+	 the algorithm is now known to be completely insecure, we are opting
+	 to remove support outright instead of fixing it.
+* Move sha1 above the now-arguably-broken md5 in the list of preferred MAC
+	 algorithms, as an incremental security improvement for users whose target
+	 systems offer both.
+* Writing encrypted/password-protected private key files was silently broken
+	 since 2.0 due to an incorrect API call
+     Includes a directly related fix, namely adding the ability to read AES-256-CBC
+	 ciphered private keys (which is now what we tend to write out as it is
+	 Cryptography’s default private key cipher.)
+* Allow any type implementing the buffer API to be used with BufferedFile,
+	 Channel, and SFTPFile. This resolves a regression introduced in 1.13
+	 with the Python 3 porting changes, when using types such as memoryview.
+* Enhance default cipher preference order such that aes(192|256)-cbc are preferred
+	 over blowfish-cbc.
+* SSHClient now requests the type of host key it has (e.g. from known_hosts)
+	 and does not consider a different type to be a “Missing” host key. This fixes
+	 a common case where an ECDSA key is in known_hosts and the server also has
+	 an RSA host key.
+* Overhaul the codebase to be PEP-8
+
 -------------------------------------------------------------------
 Wed Apr 19 17:24:58 UTC 2017 - toddrme2178@gmail.com
 

python-paramiko.spec

@@ -20,7 +20,7 @@
 
 %{?!python_module:%define python_module() python-%{**} python3-%{**}}
 Name:           python-paramiko
-Version:        2.1.2
+Version:        2.1.3
 Release:        0
 Url:            http://www.paramiko.org/
 Summary:        SSH2 protocol library
@@ -28,12 +28,12 @@ License:        LGPL-2.1+
 Group:          Development/Languages/Python
 Source:         https://files.pythonhosted.org/packages/source/p/paramiko/paramiko-%{version}.tar.gz
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
+BuildRequires:  %{python_module cryptography >= 1.1}
+BuildRequires:  %{python_module devel}
+BuildRequires:  %{python_module pyasn1 >= 0.1.7}
+BuildRequires:  %{python_module setuptools}
 BuildRequires:  fdupes
 BuildRequires:  python-rpm-macros
-BuildRequires:  %{python_module devel}
-BuildRequires:  %{python_module setuptools}
-BuildRequires:  %{python_module cryptography >= 1.1}
-BuildRequires:  %{python_module pyasn1 >= 0.1.7}
 Requires:       python-cryptography >= 1.1
 Requires:       python-pyasn1 >= 0.1.7
 BuildArch:      noarch