Overview

File _patchinfo of Package patchinfo.8723

<patchinfo incident="8723">
  <issue tracker="bnc" id="1085276">VUL-0: CVE-2018-7750: python-paramiko: transport.py in the SSH server implementation does not properly check whether authentication is completed before processing other requests</issue>
  <issue tracker="bnc" id="1106148">L3: bug in python-paramiko-1.15.2-2.3.2.noarch</issue>
  <issue tracker="cve" id="2018-7750"/>
  <category>security</category>
  <rating>important</rating>
  <packager>glaubitz</packager>
  <description>This update for python-paramiko to version 1.18.5 fixes the following issues:

This security issue was fixed:

- CVE-2018-7750: transport.py in the SSH server implementation of Paramiko did
  not properly check whether authentication is completed processing other
  requests. A customized SSH client could have skipped the authentication step
  (bsc#1085276)

This non-security issue was fixed:

- Prevent connection problems with ssh servers due to no acceptable macs being
  available (bsc#1106148)

For additional changes please check the changelog.
  </description>
  <summary>Security update for python-paramiko</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places