RHSA-2018:0591-01 -- Redhat python-paramikoID: oval:org.secpod.oval:def:502253 | Date: (C)2018-03-27 (M)2023-12-20 |
Class: PATCH | Family: unix |
The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel. Security Fix: * python-paramiko: Authentication bypass in transport.py For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Bug Fix: * python-paramiko has been using the python2-pyasn1 package, but did not depend on it. With new versions of python2-cryptography, python2-pyasn1 was not getting installed and this caused python-paramiko to malfunction. This bug was fixed by making python-paramiko depend on python2-pyasn1 explicitly
Platform: |
Red Hat Enterprise Linux 7 |