f099bdfd92Accepting request 1173814 from devel:languages:python
factory
Ana Guerrero
2024-05-15 19:25:35 +0000
945e04b08b- Add patch support-pytest-8.patch: * Use non-deprecated setup method to support pytest >= 8.
Steve Kowalik
2024-05-14 03:28:44 +0000
4b816dae87Accepting request 1134140 from devel:languages:python
Ana Guerrero
2023-12-20 20:00:13 +0000
1cce8650fb- Add patch use-64-bit-maxsize-everywhere.patch: * Use the 64-bit value of sys.maxsize.
Steve Kowalik
2023-12-20 06:58:14 +0000
7f0e9918e5- Update to 3.4.0: (CVE-2023-48795, bsc#1218168) * Transport grew a new packetizer_class kwarg for overriding the packet-handler class used internally. * Address CVE 2023-48795 (aka the "Terrapin Attack", a vulnerability found in the SSH protocol re: treatment of packet sequence numbers) as follows: + The vulnerability only impacts encrypt-then-MAC digest algorithms in tandem with CBC ciphers, and ChaCha20-poly1305; of these, Paramiko currently only implements hmac-sha2-(256|512)-etm in tandem with AES-CBC. + As the fix for the vulnerability requires both ends of the connection to cooperate, the below changes will only take effect when the remote end is OpenSSH >= 9.6 (or equivalent, such as Paramiko in server mode, as of this patch version) and configured to use the new "strict kex" mode. + Paramiko will now raise an SSHException subclass (MessageOrderError) when protocol messages are received in unexpected order. This includes situations like receiving MSG_DEBUG or MSG_IGNORE during initial key exchange, which are no longer allowed during strict mode. + Key (re)negotiation -- i.e. MSG_NEWKEYS, whenever it is encountered -- now resets packet sequence numbers. (This should be invisible to users during normal operation, only causing exceptions if the exploit is encountered, which will usually result in, again, MessageOrderError.) + Sequence number rollover will now raise SSHException if it occurs during initial key exchange (regardless of strict mode status). * Tweak ext-info-(c|s) detection during KEXINIT protocol phase; the original implementation made assumptions based on an OpenSSH implementation detail.
Steve Kowalik
2023-12-19 06:43:04 +0000
109447d61bAccepting request 1116019 from devel:languages:python
Ana Guerrero
2023-10-06 19:12:11 +0000
51336eb89a* [Feature] #1951: Add SSH config token expansion (eg %h, %p) when * [Support] #2004: (via #2011) Apply unittest skipIf to tests currently using SHA1 in their critical path, to avoid failures on systems starting * [Support] #1838: (via #1870/#2028) Update camelCase method calls against the threading module to be snake_case; this and related tweaks * [Support] #2038: (via #2039) Recent versions of Cryptography have deprecated Blowfish algorithm support; in lieu of an easy method for users to remove it from the list of algorithms Paramiko tries to import and use, we’ve decided to remove it from our “preferred algorithms” list. This will both discourage use of a weak algorithm, and avoid warnings. * [Bug] #2017: OpenSSH 7.7 and older has a bug preventing it from understanding how to perform SHA2 signature verification for RSA certificates (specifically certs - not keys), so when we added SHA2 support it broke all clients using RSA certificates with these servers. This has been fixed in a manner similar to what OpenSSH’s own client does: a version check is performed and the algorithm used is downgraded * [Bug] #1933: Align signature verification algorithm with OpenSSH re: zero-padding signatures which don’t match their nominal size/length. This shouldn’t affect most users, but will help Paramiko-implemented SSH - Update to 2.10.3 (bsc#1197279, CVE-2022-24302) - [Feature] #1846: Add a prefetch keyword argument to - [Support] #1727: Add missing test suite fixtures directory to - Set environment to utf-8 to allow tests to pass on Python 2. (bsc#1178341) * gh#paramiko/paramiko#1655 - update to 2.7.2 (bsc#1166758, bsc#1166758, bsc#1205132) - update to 2.6.0 (bsc#1200603) - update to 2.5.0 extend timeout in testsuite to pass on ppc64le key-decryption passphrases from password-auth passwords. * Certificate support broke the no-certificate case for Ed25519 keysDirk Mueller2023-10-06 10:37:03 +0000
bd20bb11fbAccepting request 1114537 from devel:languages:python
Ana Guerrero
2023-10-02 18:04:04 +0000
eea616c4d7Accepting request 1114462 from home:mimi_vx:branches:devel:languages:pythonMatej Cepl2023-09-30 13:02:20 +0000
c928b32cecAccepting request 1086711 from devel:languages:python
Dominique Leuenberger
2023-05-19 09:55:13 +0000
0b8f87a515- Delete paramiko-pr1665-remove-pytest-relaxed.patch - Add remove-icecream-dep.patch - Update to 3.1.0: * [Feature] #2173: Accept single tabs as field separators (in addition to single spaces) in <paramiko.hostkeys.HostKeyEntry.from_line> for parity with OpenSSH’s KnownHosts parser. Patched by Alex Chavkin. * [Feature] #2013: (solving #2009, plus others) Add an explicit channel_timeout keyword argument to paramiko.client.SSHClient.connect, allowing users to configure the previously-hardcoded default value of 3600 seconds. Thanks to @VakarisZ and @ilija-lazoroski for the report and patch, with credit to Mike Salvatore for patch review. * [Support] #2178: Apply codespell to the codebase, which found a lot of very old minor spelling mistakes in docstrings. Also modernize many instances of *largs vs *args and **kwarg vs **kwargs. Patch courtesy of Yaroslav Halchenko, with review from Brian Skinn. - 3.0.0: * [Bug]: A handful of lower-level classes (notably paramiko.message.Message and paramiko.pkey.PKey) previously returned bytes objects from their implementation of __str__, even under Python 3; and there was never any __bytes__ method. * These issues have been fixed by renaming __str__ to __bytes__ and relying on Python’s default “stringification returns the output of __repr__” behavior re: any real attempts to str() such objects. * [Bug] #2165: Streamline some redundant (and costly) byte conversion calls in the packetizer and the core SFTP module. This should lead to some SFTP speedups at the very least. Thanks to Alex Gaynor for the patch.Daniel Garcia2023-05-12 09:31:22 +0000
ae0c8aeeb6Accepting request 1083119 from devel:languages:python
Dominique Leuenberger
2023-04-28 14:22:16 +0000
ad836dd0e5- Move documentation into main package for SLE15Dirk Mueller2023-04-26 21:03:02 +0000
a1ec2eef71Accepting request 1036980 from devel:languages:python
Dominique Leuenberger
2022-11-22 15:09:15 +0000
6d57def2c6Accepting request 1036973 from home:bnavigator:branches:devel:languages:pythonMatej Cepl2022-11-20 20:28:40 +0000
a7a27ba192Accepting request 979467 from devel:languages:python
Dominique Leuenberger
2022-05-30 10:42:42 +0000
e9bca5f938Accepting request 979399 from home:stroeder:pythonMatej Cepl2022-05-27 11:39:44 +0000
2a558ac877Accepting request 973836 from devel:languages:python
Dominique Leuenberger
2022-05-01 16:53:27 +0000
925537a411- update to 2.10.4: * Servers offering certificate variants of hostkey algorithms (eg ssh-rsa-cert-v01@openssh.com) could not have their host keys verified by Paramiko clients, as it only ever considered non-cert key types for that part of connection handshaking. This has been fixed. * gq PKey instances’ __eq__ did not have the usual safety guard in place to ensure they were being compared to another PKey object, causing occasional spurious BadHostKeyException (among other things). This has been fixed. * Update camelCase method calls against the threading module to be snake_case; this and related tweaks should fix some deprecation warnings under Python 3.10.Dirk Mueller2022-04-29 06:46:25 +0000
e203e21606Accepting request 967774 from devel:languages:python
Dominique Leuenberger
2022-04-10 17:05:11 +0000
48e295bab3Accepting request 967702 from home:pgajdos:python
Markéta Machová
2022-04-08 11:26:42 +0000
2d835036afAccepting request 963042 from devel:languages:python
Dominique Leuenberger
2022-03-22 18:36:09 +0000
1099f55ec5Accepting request 962964 from home:stroeder:pythonMatej Cepl2022-03-19 12:14:45 +0000
f0b4c8f615Accepting request 925623 from devel:languages:python
Dominique Leuenberger
2021-10-20 18:23:19 +0000
6de84324a9Accepting request 853510 from devel:languages:python
Dominique Leuenberger
2020-12-12 19:28:57 +0000
2ff0320a7b- Set environment to utf-8 to allow tests to pass on Python 2. (bsc#1178341)
Steve Kowalik
2020-12-07 07:24:21 +0000
fcfaee80d3Accepting request 841523 from devel:languages:python
Dominique Leuenberger
2020-10-29 08:47:52 +0000
abbcc53d4dAccepting request 841496 from home:bnavigator:branches:devel:languages:python:pytest
Tomáš Chvátal
2020-10-13 11:47:59 +0000
36b3c7bc40Accepting request 832015 from devel:languages:python
Dominique Leuenberger
2020-09-08 20:44:09 +0000
59ad0c6437- update to 2.7.2 - drop configs.tar.gz * Add missing test suite fixtures directory to MANIFEST.in * Remove leading whitespace from OpenSSH RSA test suite static key fixture, * Fix incorrect string formatting causing unhelpful error message annotation when using Kerberos/GSSAPI. * Fix incorrectly swapped order of p and q numbers when loading OpenSSH-format RSA private keys.Ondřej Súkup2020-09-04 06:31:05 +0000
0c7c45c2e1Accepting request 758748 from devel:languages:python
Dominique Leuenberger
2019-12-25 09:54:17 +0000
fc7d80118aAccepting request 711850 from devel:languages:python
Dominique Leuenberger
2019-06-30 08:17:59 +0000
fd964421b4- update to 2.6.0 - drop relaxed.patch and 1311.patch * add a new keyword argument to SSHClient.connect <paramiko.client.SSHClient.connect> and paramiko.transport.Transport -> disabled_algorithms * Fix Ed25519 key handling so certain key comment lengths don't cause SSHException("Invalid key") * Add backwards-compatible support for the gssapiOndřej Súkup2019-06-25 10:50:32 +0000
c1b7be29aeAccepting request 709720 from devel:languages:python
Dominique Leuenberger
2019-06-18 12:51:19 +0000
45b4cf43d8- update to 2.5.0 - dropped 1379.patch - refreshed patches: paramiko-test_extend_timeout.patch relaxed.patch 1311.patch * Add support for encrypt-then-MAC (ETM) schemes (hmac-sha2-256-etm@openssh.com, hmac-sha2-512-etm@openssh.com) and two newer Diffie-Hellman group key exchange algorithms (group14, using SHA256; and group16, using SHA512). * Add support for Curve25519 key exchange. * Raise Cryptography dependency requirement to version 2.5 * Add support for the modern (as of Python 3.3) import location of MutableMappingOndřej Súkup2019-06-11 11:26:30 +0000
4b364bdc08Accepting request 684702 from devel:languages:python
Dominique Leuenberger
2019-03-29 19:34:19 +0000
db55b7615d- Run tests verbosely - Drop cert_support.tar.gz as it is currently properly in the release
Tomáš Chvátal
2019-03-13 14:01:34 +0000
604f3dae5fAccepting request 676253 from devel:languages:python
Stephan Kulow
2019-02-17 11:19:00 +0000
93176392d0Accepting request 676248 from home:frispete:python
Tomáš Chvátal
2019-02-14 21:07:12 +0000
a1cab7a938Accepting request 676196 from home:mimi_vx:branches:devel:languages:pythonMatej Cepl2019-02-14 19:17:12 +0000
a655d14909Accepting request 662763 from devel:languages:python
Dominique Leuenberger
2019-01-08 11:17:15 +0000
ccb45347f9- update to 2.4.2 (bsc#1111151, CVE-2018-1000805)Dirk Mueller2019-01-04 09:46:40 +0000
92c3f6f9d0Accepting request 659533 from devel:languages:python
Dominique Leuenberger
2018-12-26 23:27:20 +0000
91fe297c81Remove superfluous devel dependency for noarch packageMatej Cepl2018-12-04 13:44:37 +0000
0459510aefAccepting request 648723 from devel:languages:python
Dominique Leuenberger
2018-11-18 22:21:24 +0000
11a96a68eaAccepting request 648722 from home:mimi_vx:branches:devel:languages:python
Tomáš Chvátal
2018-11-13 11:50:48 +0000
ea0dd02ae9Accepting request 640326 from devel:languages:python
Dominique Leuenberger
2018-10-15 08:05:10 +0000
c05cb21067Accepting request 640130 from home:mimi_vx:branches:devel:languages:python
Tomáš Chvátal
2018-10-06 16:35:47 +0000
c23f624873Accepting request 587599 from devel:languages:python
Dominique Leuenberger
2018-03-26 11:01:43 +0000
4f8ec9b10dAccepting request 587595 from home:oertel:branches:devel:languages:python
Tomáš Chvátal
2018-03-15 17:58:33 +0000
fe763f034aupdate to version 2.4.1 (bsc#1085276, CVE-2018-7750): * changelog: update for #1039 / #1051 * Screen off dev version of Python from test matrix * ensure ed25519 password is bytes * Cut 2.0.8 * Cut 2.3.2 * Initial tests proving CVE-2018-7750 / #1175 * Guess something else added this prior to the merge * Fixes CVE-2018-7750 / #1175 * Uncaught typo in test suite * Initial tests proving CVE-2018-7750 / #XXX * Test proving #1039 / efficacy of #1051 * Changelog closes#1175 * Cut 2.1.5 * Allow overriding test client connect kwargs in Transport test suite * Cut 2.4.1 * Fixes CVE-2018-7750 / #XXX * Cut 2.2.3 * flake8
Thomas Bechtold
2018-03-15 07:57:46 +0000
83ead8f7faAccepting request 542197 from devel:languages:python
Dominique Leuenberger
2017-11-17 09:55:03 +0000
64ad857c97Accepting request 542196 from home:mimi_vx:branches:devel:languages:pythonOndřej Súkup2017-11-16 09:40:16 +0000
1252a1dd9dAccepting request 531787 from devel:languages:python
Dominique Leuenberger
2017-10-11 20:57:09 +0000
f19472aff4Accepting request 531621 from home:mimi_vx:branches:devel:languages:python
Tomas Cech
2017-10-05 14:59:22 +0000
c014c715cbAccepting request 516164 from devel:languages:python
Yuchen Lin
2017-08-13 12:59:54 +0000
4e7028e968Accepting request 394312 from home:frispete:pythonDirk Mueller2016-05-09 11:19:07 +0000
75b2c1da65Accepting request 357111 from devel:languages:python
Dominique Leuenberger
2016-02-03 09:19:41 +0000
1d05e5ac24Accepting request 357107 from home:TheBlackCat:branches:devel:languages:python
Todd R
2016-02-01 11:46:39 +0000
892b029869Accepting request 287912 from devel:languages:python
Dominique Leuenberger
2015-02-27 10:09:59 +0000
aac8cf5be7Accepting request 287872 from home:tbechtold:branches:devel:languages:python
Denisart Benjamin
2015-02-26 12:14:39 +0000
c7f084c0a9Accepting request 253693 from devel:languages:python
Stephan Kulow
2014-10-05 18:31:19 +0000
12765049a9Accepting request 253684 from home:anubisg1:branches:devel:languages:python
Denisart Benjamin
2014-10-02 18:23:11 +0000
5d5591f323Accepting request 236020 from devel:languages:python
Stephan Kulow
2014-06-04 16:39:26 +0000
e9d9312253Accepting request 235923 from Cloud:OpenStack:Master
Sascha Peilicke
2014-06-02 09:08:50 +0000
b8c7540dfaAccepting request 231087 from devel:languages:python
Stephan Kulow
2014-04-26 08:11:13 +0000
31936cb886Accepting request 230779 from home:rjschwei:branches:devel:languages:python
Denisart Benjamin
2014-04-22 18:52:51 +0000
f9d9f9e9ebAccepting request 208362 from devel:languages:python
Stephan Kulow
2013-12-03 11:34:19 +0000
6be2621bdaAccepting request 208361 from home:posophe:branches:devel:languages:python
Denisart Benjamin
2013-11-25 23:04:45 +0000
768c5dd6c9Accepting request 208318 from home:fischersFritz
Denisart Benjamin
2013-11-25 22:53:27 +0000
f5f90f5a1eAccepting request 197221 from devel:languages:python
Stephan Kulow
2013-09-03 20:03:49 +0000
f86537b755Accepting request 197218 from home:dirkmueller:branches:devel:languages:python
Sascha Peilicke
2013-09-03 08:08:34 +0000
1aa97a55c5Accepting request 175245 from devel:languages:python
Stephan Kulow
2013-05-16 09:27:01 +0000
6124f75481Accepting request 175235 from home:dirkmueller:branches:devel:languages:python
Sascha Peilicke
2013-05-13 09:27:41 +0000
51ca956646Accepting request 144915 from devel:languages:python
Stephan Kulow
2012-12-10 09:58:24 +0000
b466046d50- Update to version 1.9.0: + #97 (with a little #93): Improve config parsing of ProxyCommand directives and provide a wrapper class to allow subprocess-driven proxy commands to be used as sock= arguments for SSHClient.connect. + #77: Allow SSHClient.connect() to take an explicit sock parameter overriding creation of an internal, implicit socket object. - Changes from version 1.8.1: + #90: Ensure that callbacks handed to SFTPClient.get() always fire at least once, even for zero-length files downloaded. Thanks to Github user @enB for the catch. + #85: Paramiko's test suite overrides unittest.TestCase.assertTrue/assertFalse to provide these modern assertions to Python 2.2/2.3, which lacked them. However on newer Pythons such as 2.7, this now causes deprecation warnings. The overrides have been patched to only execute when necessary. Thanks to @Arfrever for catch & patch. - Changes from version 1.8.0: + #17 ('ssh' 28): Fix spurious NoneType has no attribute 'error' and similar exceptions that crop up on interpreter exit. + 'ssh' 32: Raise a more useful error explaining which known_hosts key line was problematic, when encountering binascii issues decoding known host keys. Thanks to @thomasvs for catch & patch. + 'ssh' 33: Bring ssh_config parsing more in line with OpenSSH spec, re: order of setting overrides by Host specifiers. Specifically, the overrides now go by file order instead of automatically sorting by Host value length. In addition, the first value found per config key (e.g. Port, User etc) wins, instead of the last. Thanks to Jan Brauer for the contribution. + 'ssh' 36: Support new server two-factor authentication option (RequiredAuthentications2), at least re: combining key-based & password auth. Thanks to Github user bninja. + 'ssh' 11: When raising an exception for hosts not listed in
Sascha Peilicke
2012-12-10 08:30:27 +0000