diff options
| author | Yaroslav Halchenko <debian@onerussian.com> | 2023-01-24 16:56:08 -0500 |
|---|---|---|
| committer | Yaroslav Halchenko <debian@onerussian.com> | 2023-01-24 16:56:08 -0500 |
| commit | 908e7c75f53025a3064e28215da62ffcfdea6daa (patch) | |
| tree | 8ae79b736fc69f2c05ba1adec2ae11c4b9e4720c /sites | |
| parent | 5efa354ce9fff1217d22e52493d1442866821a7b (diff) | |
| download | paramiko-908e7c75f53025a3064e28215da62ffcfdea6daa.tar.gz | |
[DATALAD RUNCMD] Run codespell -w
=== Do not change lines below ===
{
"chain": [],
"cmd": "codespell -w",
"exit": 0,
"extra_inputs": [],
"inputs": [],
"outputs": [],
"pwd": "."
}
^^^ Do not change lines above ^^^
Diffstat (limited to 'sites')
| -rw-r--r-- | sites/www/changelog.rst | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 32e81828..ae1d7365 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -334,7 +334,7 @@ Changelog This fixes a security flaw! If you are running Paramiko on 32-bit systems with low entropy (such as any 32-bit Python 2, or a 32-bit Python 3 which is running with ``PYTHONHASHSEED=0``) it is possible for an attacker to - craft a new keypair from an exfiltrated public key, which Paramiko would + craft a new key pair from an exfiltrated public key, which Paramiko would consider equal to the original key. This could enable attacks such as, but not limited to, the following: @@ -1130,7 +1130,7 @@ Changelog functionality to address hangs from dropped network connections and/or failed handshakes. Credit to ``@vazir`` and ``@dacut`` for the original patches and to Olle Lundberg for reimplementation. -- :bug:`490` Skip invalid/unparseable lines in ``known_hosts`` files, instead +- :bug:`490` Skip invalid/unparsable lines in ``known_hosts`` files, instead of raising `~paramiko.ssh_exception.SSHException`. This brings Paramiko's behavior more in line with OpenSSH, which silently ignores such input. Catch & patch courtesy of Martin Topholm. |