Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

python-paramiko-doc-2.12.0-2.el9 RPM for noarch

From EPEL 9 for ppc64le / Packages / p

Name: python-paramiko-doc Distribution: Fedora Project
Version: 2.12.0 Vendor: Fedora Project
Release: 2.el9 Build date: Tue Jan 2 19:37:10 2024
Group: Unspecified Build host: buildvm-x86-15.iad2.fedoraproject.org
Size: 1238369 Source RPM: python-paramiko-2.12.0-2.el9.src.rpm
Packager: Fedora Project
Url: https://github.com/paramiko/paramiko
Summary: Docs and demo for SSH2 protocol library for python
Paramiko (a combination of the Esperanto words for "paranoid" and "friend") is
a module for python 2.3 or greater that implements the SSH2 protocol for secure
(encrypted and authenticated) connections to remote machines. Unlike SSL (aka
TLS), the SSH2 protocol does not require hierarchical certificates signed by a
powerful central authority. You may know SSH2 as the protocol that replaced
telnet and rsh for secure access to remote shells, but the protocol also
includes the ability to open arbitrary channels to remote services across an
encrypted tunnel (this is how sftp works, for example).

This is the documentation and demos.

Provides

Requires

License

LGPL-2.1-or-later

Changelog

* Fri Dec 29 2023 Paul Howarth <paul@city-fan.org> - 2.12.0-2
  - Address CVE 2023-48795 (a.k.a. the "Terrapin Attack", a vulnerability found
    in the SSH protocol re: treatment of packet sequence numbers) as follows:
    - The vulnerability only impacts encrypt-then-MAC digest algorithms in tandem
      with CBC ciphers, and ChaCha20-poly1305; of these, Paramiko currently only
      implements ``hmac-sha2-(256|512)-etm`` in tandem with 'AES-CBC'
    - As the fix for the vulnerability requires both ends of the connection to
      cooperate, the below changes will only take effect when the remote end is
      OpenSSH ≥ 9.6 (or equivalent, such as Paramiko in server mode, as of this
      patch version) and configured to use the new "strict kex" mode
    - Paramiko will always attempt to use "strict kex" mode if offered by the
      server, unless you override this by specifying 'strict_kex=False' in
      'Transport.__init__'
    - Paramiko will now raise an 'SSHException' subclass ('MessageOrderError')
      when protocol messages are received in unexpected order; this includes
      situations like receiving 'MSG_DEBUG' or 'MSG_IGNORE' during initial key
      exchange, which are no longer allowed during strict mode
    - Key (re)negotiation, i.e. 'MSG_NEWKEYS', whenever it is encountered, now
      resets packet sequence numbers (this should be invisible to users during
      normal operation, only causing exceptions if the exploit is encountered,
      which will usually result in, again, 'MessageOrderError')
    - Sequence number rollover will now raise 'SSHException' if it occurs during
      initial key exchange (regardless of strict mode status)
  - Tweak 'ext-info-(c|s)' detection during KEXINIT protocol phase; the original
    implementation made assumptions based on an OpenSSH implementation detail
  - 'Transport' grew a new 'packetizer_class' kwarg for overriding the
    packet-handler class used internally; this is mostly for testing, but advanced
    users may find this useful when doing deep hacks
  - A handful of lower-level classes (notably 'paramiko.message.Message' and
    'paramiko.pkey.PKey') previously returned 'bytes' objects from their
    implementation of '__str__', even under Python 3, and there was never any
    '__bytes__' method; these issues have been fixed by renaming '__str__' to
    '__bytes__' and relying on Python's default "stringification returns the
    output of '__repr__'" behavior re: any real attempts to 'str()' such objects
* Sun Nov 06 2022 Paul Howarth <paul@city-fan.org> - 2.12.0-1
  - Update to 2.12.0 (rhbz#2140281)
    - Add a 'transport_factory' kwarg to 'SSHClient.connect' for advanced users
      to gain more control over early Transport setup and manipulation (GH#2054,
      GH#2125)
    - Update '~paramiko.client.SSHClient' so it explicitly closes its wrapped
      socket object upon encountering socket errors at connection time; this
      should help somewhat with certain classes of memory leaks, resource
      warnings, and/or errors (though we hasten to remind everyone that Client
      and Transport have their own '.close()' methods for use in non-error
      situations!) (GH#1822)
    - Raise '~paramiko.ssh_exception.SSHException' explicitly when blank private
      key data is loaded, instead of the natural result of 'IndexError'; this
      should help more bits of Paramiko or Paramiko-adjacent codebases to
      correctly handle this class of error (GH#1599, GH#1637)
  - Use SPDX-format license tag
* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.11.0-3
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jun 14 2022 Python Maint <python-maint@redhat.com> - 2.11.0-2
  - Rebuilt for Python 3.11
* Tue May 17 2022 Paul Howarth <paul@city-fan.org> - 2.11.0-1
  - Update to 2.11.0
    - Align signature verification algorithm with OpenSSH re: zero-padding
      signatures that don't match their nominal size/length; this shouldn't
      affect most users, but will help Paramiko-implemented SSH servers handle
      poorly behaved clients such as PuTTY (GH#1933)
    - OpenSSH 7.7 and older has a bug preventing it from understanding how to
      perform SHA2 signature verification for RSA certificates (specifically
      certs - not keys), so when we added SHA2 support it broke all clients using
      RSA certificates with these servers; this has been fixed in a manner similar
      to what OpenSSH's own client does - a version check is performed and the
      algorithm used is downgraded if needed (GH#2017)
    - Recent versions of Cryptography have deprecated Blowfish algorithm support;
      in lieu of an easy method for users to remove it from the list of
      algorithms Paramiko tries to import and use, we've decided to remove it
      from our "preferred algorithms" list, which will both discourage use of a
      weak algorithm, and avoid warnings (GH#2038, GH#2039)
    - Windows-native SSH agent support as merged in 2.10 could encounter
      'Errno 22' 'OSError' exceptions in some scenarios (e.g. server not cleanly
      closing a relevant named pipe); this has been worked around and should be
      less problematic (GH#2008, GH#2010)
    - Add SSH config token expansion (eg '%h', '%p') when parsing 'ProxyJump'
      directives (GH#1951)
    - Apply unittest 'skipIf' to tests currently using SHA1 in their critical
      path, to avoid failures on systems starting to disable SHA1 outright in
      their crypto backends (e.g. RHEL 9) (GH#2004, GH#2011)
* Tue Apr 26 2022 Paul Howarth <paul@city-fan.org> - 2.10.4-1
  - Update to 2.10.4
    - Update 'camelCase' method calls against the 'threading' module to be
      'snake_case'; this and related tweaks should fix some deprecation warnings
      under Python 3.10 (GH#1838, GH#1870, GH#2028)
    - '~paramiko.pkey.PKey' instances' '__eq__' did not have the usual safety
      guard in place to ensure they were being compared to another 'PKey' object,
      causing occasional spurious 'BadHostKeyException', among other things
      (GH#1964, GH#2023, GH#2024)
    - Servers offering certificate variants of hostkey algorithms (e.g.
      'ssh-rsa-cert-v01@openssh.com') could not have their host keys verified by
      Paramiko clients, as it only ever considered non-cert key types for that
      part of connection handshaking (GH#2035)
* Mon Mar 21 2022 Paul Howarth <paul@city-fan.org> - 2.10.3-2
  - Skip tests that would fail without SHA-1 signing support in backend, such as
    on EL-9 (GH#2011)
* Sat Mar 19 2022 Paul Howarth <paul@city-fan.org> - 2.10.3-1
  - Update to 2.10.3
    - Certificate-based pubkey auth was inadvertently broken when adding SHA2
      support in version 2.9.0 (GH#1963, GH#1977)
    - Switch from module-global to thread-local storage when recording thread IDs
      for a logging helper; this should avoid one flavor of memory leak for
      long-running processes (GH#2002, GH#2003)
* Tue Mar 15 2022 Paul Howarth <paul@city-fan.org> - 2.10.2-1
  - Update to 2.10.2
    - Fix Python 2 compatibility breakage introduced in 2.10.1 (GH#2001)
  - Re-enable sftp tests, no longer failing under mock
* Sun Mar 13 2022 Paul Howarth <paul@city-fan.org> - 2.10.1-1
  - Update to 2.10.1
    - CVE-2022-24302: Creation of new private key files using
      '~paramiko.pkey.PKey' subclasses was subject to a race condition between
      file creation and mode modification, which could be exploited by an
      attacker with knowledge of where the Paramiko-using code would write out
      such files; this has been patched by using 'os.open' and 'os.fdopen' to
      ensure new files are opened with the correct mode immediately (we've left
      the subsequent explicit 'chmod' in place to minimize any possible
      disruption, though it may get removed in future backwards-incompatible
      updates)
    - Add support for the '%C' token when parsing SSH config files (GH#1976)
    - Add support for OpenSSH's Windows agent as a fallback when Putty/WinPageant
      isn't available or functional (GH#1509, GH#1837, GH#1868)
    - Significantly speed up low-level read/write actions on
      '~paramiko.sftp_file.SFTPFile' objects by using 'bytearray'/'memoryview'
      (GH#892); this is unlikely to change anything for users of the higher level
      methods like 'SFTPClient.get' or 'SFTPClient.getfo', but users of
      'SFTPClient.open' will likely see orders of magnitude improvements for
      files larger than a few megabytes in size
    - Add 'six' explicitly to install-requires; it snuck into active use at some
      point but has only been indicated by transitive dependency on 'bcrypt'
      until they somewhat-recently dropped it (GH#1985); this will be short-lived
      until we drop Python 2 support
* Fri Jan 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.2-3
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Jan 14 2022 Paul Howarth <paul@city-fan.org> - 2.9.2-2
  - Avoid use of deprecated python-mock by using unittest.mock instead
    https://github.com/paramiko/paramiko/pull/1666
* Sat Jan 08 2022 Paul Howarth <paul@city-fan.org> - 2.9.2-1
  - Update to 2.9.2
    - Connecting to servers that support 'server-sig-algs' but which have no
      overlap between that list and what a Paramiko client supports, now raise
      an exception instead of defaulting to 'rsa-sha2-512' (since the use of
      'server-sig-algs' allows us to know what the server supports)
    - Enhanced log output when connecting to servers that do not support
      'server-sig-algs' extensions, making the new-as-of-2.9 defaulting to SHA2
      pubkey algorithms more obvious when it kicks in

Files

/usr/share/doc/python-paramiko-doc
/usr/share/doc/python-paramiko-doc/demos
/usr/share/doc/python-paramiko-doc/demos/demo.py
/usr/share/doc/python-paramiko-doc/demos/demo_keygen.py
/usr/share/doc/python-paramiko-doc/demos/demo_server.py
/usr/share/doc/python-paramiko-doc/demos/demo_sftp.py
/usr/share/doc/python-paramiko-doc/demos/demo_simple.py
/usr/share/doc/python-paramiko-doc/demos/forward.py
/usr/share/doc/python-paramiko-doc/demos/interactive.py
/usr/share/doc/python-paramiko-doc/demos/rforward.py
/usr/share/doc/python-paramiko-doc/demos/test_rsa.key
/usr/share/doc/python-paramiko-doc/demos/user_rsa_key
/usr/share/doc/python-paramiko-doc/demos/user_rsa_key.pub
/usr/share/doc/python-paramiko-doc/html
/usr/share/doc/python-paramiko-doc/html/.doctrees
/usr/share/doc/python-paramiko-doc/html/.doctrees/api
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/agent.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/buffered_pipe.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/channel.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/client.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/config.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/file.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/hostkeys.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/kex_gss.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/keys.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/message.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/packet.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/pipe.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/proxy.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/server.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/sftp.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/ssh_exception.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/ssh_gss.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/api/transport.doctree
/usr/share/doc/python-paramiko-doc/html/.doctrees/environment.pickle
/usr/share/doc/python-paramiko-doc/html/.doctrees/index.doctree
/usr/share/doc/python-paramiko-doc/html/_sources
/usr/share/doc/python-paramiko-doc/html/_sources/api
/usr/share/doc/python-paramiko-doc/html/_sources/api/agent.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/buffered_pipe.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/channel.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/client.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/config.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/file.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/hostkeys.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/kex_gss.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/keys.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/message.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/packet.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/pipe.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/proxy.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/server.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/sftp.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/ssh_exception.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/ssh_gss.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/api/transport.rst.txt
/usr/share/doc/python-paramiko-doc/html/_sources/index.rst.txt
/usr/share/doc/python-paramiko-doc/html/_static
/usr/share/doc/python-paramiko-doc/html/_static/alabaster.css
/usr/share/doc/python-paramiko-doc/html/_static/basic.css
/usr/share/doc/python-paramiko-doc/html/_static/custom.css
/usr/share/doc/python-paramiko-doc/html/_static/doctools.js
/usr/share/doc/python-paramiko-doc/html/_static/documentation_options.js
/usr/share/doc/python-paramiko-doc/html/_static/file.png
/usr/share/doc/python-paramiko-doc/html/_static/jquery-3.5.1.js
/usr/share/doc/python-paramiko-doc/html/_static/jquery.js
/usr/share/doc/python-paramiko-doc/html/_static/language_data.js
/usr/share/doc/python-paramiko-doc/html/_static/minus.png
/usr/share/doc/python-paramiko-doc/html/_static/plus.png
/usr/share/doc/python-paramiko-doc/html/_static/pygments.css
/usr/share/doc/python-paramiko-doc/html/_static/searchtools.js
/usr/share/doc/python-paramiko-doc/html/_static/underscore-1.3.1.js
/usr/share/doc/python-paramiko-doc/html/_static/underscore.js
/usr/share/doc/python-paramiko-doc/html/api
/usr/share/doc/python-paramiko-doc/html/api/agent.html
/usr/share/doc/python-paramiko-doc/html/api/buffered_pipe.html
/usr/share/doc/python-paramiko-doc/html/api/channel.html
/usr/share/doc/python-paramiko-doc/html/api/client.html
/usr/share/doc/python-paramiko-doc/html/api/config.html
/usr/share/doc/python-paramiko-doc/html/api/file.html
/usr/share/doc/python-paramiko-doc/html/api/hostkeys.html
/usr/share/doc/python-paramiko-doc/html/api/kex_gss.html
/usr/share/doc/python-paramiko-doc/html/api/keys.html
/usr/share/doc/python-paramiko-doc/html/api/message.html
/usr/share/doc/python-paramiko-doc/html/api/packet.html
/usr/share/doc/python-paramiko-doc/html/api/pipe.html
/usr/share/doc/python-paramiko-doc/html/api/proxy.html
/usr/share/doc/python-paramiko-doc/html/api/server.html
/usr/share/doc/python-paramiko-doc/html/api/sftp.html
/usr/share/doc/python-paramiko-doc/html/api/ssh_exception.html
/usr/share/doc/python-paramiko-doc/html/api/ssh_gss.html
/usr/share/doc/python-paramiko-doc/html/api/transport.html
/usr/share/doc/python-paramiko-doc/html/genindex.html
/usr/share/doc/python-paramiko-doc/html/index.html
/usr/share/doc/python-paramiko-doc/html/objects.inv
/usr/share/doc/python-paramiko-doc/html/py-modindex.html
/usr/share/doc/python-paramiko-doc/html/search.html
/usr/share/doc/python-paramiko-doc/html/searchindex.js


Generated by rpm2html 1.8.1

Fabrice Bellet, Wed Oct 9 05:16:45 2024