From fe763f034a273bce54dc66821002b219dc11ce07b9d3c34ee4157784c561fa96 Mon Sep 17 00:00:00 2001 From: Thomas Bechtold Date: Thu, 15 Mar 2018 07:57:46 +0000 Subject: [PATCH 1/2] update to version 2.4.1 (bsc#1085276, CVE-2018-7750): * changelog: update for #1039 / #1051 * Screen off dev version of Python from test matrix * ensure ed25519 password is bytes * Cut 2.0.8 * Cut 2.3.2 * Initial tests proving CVE-2018-7750 / #1175 * Guess something else added this prior to the merge * Fixes CVE-2018-7750 / #1175 * Uncaught typo in test suite * Initial tests proving CVE-2018-7750 / #XXX * Test proving #1039 / efficacy of #1051 * Changelog closes #1175 * Cut 2.1.5 * Allow overriding test client connect kwargs in Transport test suite * Cut 2.4.1 * Fixes CVE-2018-7750 / #XXX * Cut 2.2.3 * flake8 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-paramiko?expand=0&rev=70 --- paramiko-2.4.0.tar.gz | 3 --- paramiko-2.4.1.tar.gz | 3 +++ python-paramiko.changes | 23 +++++++++++++++++++++++ python-paramiko.spec | 6 +++--- 4 files changed, 29 insertions(+), 6 deletions(-) delete mode 100644 paramiko-2.4.0.tar.gz create mode 100644 paramiko-2.4.1.tar.gz diff --git a/paramiko-2.4.0.tar.gz b/paramiko-2.4.0.tar.gz deleted file mode 100644 index 085e498..0000000 --- a/paramiko-2.4.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:486f637f0a33a4792e0e567be37426c287efaa8c4c4a45e3216f9ce7fd70b1fc -size 1324783 diff --git a/paramiko-2.4.1.tar.gz b/paramiko-2.4.1.tar.gz new file mode 100644 index 0000000..585cd49 --- /dev/null +++ b/paramiko-2.4.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:33e36775a6c71790ba7692a73f948b329cf9295a72b0102144b031114bd2a4f3 +size 1490565 diff --git a/python-paramiko.changes b/python-paramiko.changes index 05be698..544f379 100644 --- a/python-paramiko.changes +++ b/python-paramiko.changes @@ -1,3 +1,26 @@ +------------------------------------------------------------------- +Thu Mar 15 07:10:09 UTC 2018 - tbechtold@suse.com + +update to version 2.4.1 (bsc#1085276, CVE-2018-7750): + * changelog: update for #1039 / #1051 + * Screen off dev version of Python from test matrix + * ensure ed25519 password is bytes + * Cut 2.0.8 + * Cut 2.3.2 + * Initial tests proving CVE-2018-7750 / #1175 + * Guess something else added this prior to the merge + * Fixes CVE-2018-7750 / #1175 + * Uncaught typo in test suite + * Initial tests proving CVE-2018-7750 / #XXX + * Test proving #1039 / efficacy of #1051 + * Changelog closes #1175 + * Cut 2.1.5 + * Allow overriding test client connect kwargs in Transport test suite + * Cut 2.4.1 + * Fixes CVE-2018-7750 / #XXX + * Cut 2.2.3 + * flake8 + ------------------------------------------------------------------- Thu Nov 16 09:36:24 UTC 2017 - mimi.vx@gmail.com diff --git a/python-paramiko.spec b/python-paramiko.spec index 7052761..02edc1b 100644 --- a/python-paramiko.spec +++ b/python-paramiko.spec @@ -1,7 +1,7 @@ # # spec file for package python-paramiko # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,11 +20,11 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-paramiko -Version: 2.4.0 +Version: 2.4.1 Release: 0 Url: http://www.paramiko.org/ Summary: SSH2 protocol library -License: LGPL-2.1+ +License: LGPL-2.1-or-later Group: Development/Languages/Python Source: https://files.pythonhosted.org/packages/source/p/paramiko/paramiko-%{version}.tar.gz # certificates needed by testsuite From 4f8ec9b10d1375144e900555d0294928140d2caf1ae44e7d3984d034e9446d64 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Thu, 15 Mar 2018 17:58:33 +0000 Subject: [PATCH 2/2] Accepting request 587595 from home:oertel:branches:devel:languages:python - add paramiko-test_extend_timeout.patch (bsc#1085529) extend timeout in testsuite to pass on ppc64le OBS-URL: https://build.opensuse.org/request/show/587595 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-paramiko?expand=0&rev=71 --- paramiko-test_extend_timeout.patch | 11 +++++++++++ python-paramiko.changes | 6 ++++++ python-paramiko.spec | 2 ++ 3 files changed, 19 insertions(+) create mode 100644 paramiko-test_extend_timeout.patch diff --git a/paramiko-test_extend_timeout.patch b/paramiko-test_extend_timeout.patch new file mode 100644 index 0000000..25435aa --- /dev/null +++ b/paramiko-test_extend_timeout.patch @@ -0,0 +1,11 @@ +--- paramiko-2.4.1/tests/test_buffered_pipe.py 2018/03/15 17:40:29 1.1 ++++ paramiko-2.4.1/tests/test_buffered_pipe.py 2018/03/15 17:40:36 +@@ -69,7 +69,7 @@ + self.assertTrue(False) + except PipeTimeout: + pass +- self.assertEqual(b'b', p.read(1, 1.0)) ++ self.assertEqual(b'b', p.read(1, 3.0)) + self.assertEqual(b'', p.read(1)) + + def test_3_close_while_reading(self): diff --git a/python-paramiko.changes b/python-paramiko.changes index 544f379..538d75d 100644 --- a/python-paramiko.changes +++ b/python-paramiko.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Thu Mar 15 18:38:22 CET 2018 - ro@suse.de + +- add paramiko-test_extend_timeout.patch (bsc#1085529) + extend timeout in testsuite to pass on ppc64le + ------------------------------------------------------------------- Thu Mar 15 07:10:09 UTC 2018 - tbechtold@suse.com diff --git a/python-paramiko.spec b/python-paramiko.spec index 02edc1b..7790578 100644 --- a/python-paramiko.spec +++ b/python-paramiko.spec @@ -29,6 +29,7 @@ Group: Development/Languages/Python Source: https://files.pythonhosted.org/packages/source/p/paramiko/paramiko-%{version}.tar.gz # certificates needed by testsuite Source1: cert_support.tar.gz +Patch0: paramiko-test_extend_timeout.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: %{python_module PyNaCl >= 1.0.1} BuildRequires: %{python_module bcrypt >= 3.1.3} @@ -72,6 +73,7 @@ This package contains the documentation. %prep %setup -q -n paramiko-%{version} +%patch0 -p1 # Fix non-executable script rpmlint issue: find demos -name "*.py" -exec sed -i "/#\!\/usr\/bin\/.*/d" {} \; tar xvzf %{SOURCE1} -C tests/