[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2018:0591-01 -- Redhat python-paramiko

ID: oval:org.secpod.oval:def:502253Date: (C)2018-03-27   (M)2023-12-20
Class: PATCHFamily: unix




The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel. Security Fix: * python-paramiko: Authentication bypass in transport.py For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Bug Fix: * python-paramiko has been using the python2-pyasn1 package, but did not depend on it. With new versions of python2-cryptography, python2-pyasn1 was not getting installed and this caused python-paramiko to malfunction. This bug was fixed by making python-paramiko depend on python2-pyasn1 explicitly

Platform:
Red Hat Enterprise Linux 7
Product:
python-paramiko
Reference:
RHSA-2018:0591-01
CVE-2018-7750
CVE    1
CVE-2018-7750
CPE    2
cpe:/o:redhat:enterprise_linux:7
cpe:/a:python_software_foundation:python-paramiko

© SecPod Technologies