summaryrefslogtreecommitdiff
path: root/sites
diff options
context:
space:
mode:
Diffstat (limited to 'sites')
-rw-r--r--sites/www/changelog.rst13
1 files changed, 13 insertions, 0 deletions
diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst
index 6e805b8f..87c5faf2 100644
--- a/sites/www/changelog.rst
+++ b/sites/www/changelog.rst
@@ -13,6 +13,7 @@ Changelog
private key data is loaded, instead of the natural result of ``IndexError``.
This should help more bits of Paramiko or Paramiko-adjacent codebases to
correctly handle this class of error. Credit: Nicholas Dietz.
+- :release:`2.11.0 <2022-05-16>`
- :release:`2.10.5 <2022-05-16>`
- :release:`2.9.5 <2022-05-16>`
- :bug:`1933` Align signature verification algorithm with OpenSSH re:
@@ -27,6 +28,12 @@ Changelog
to what OpenSSH's own client does: a version check is performed and the
algorithm used is downgraded if needed. Reported by Adarsh Chauhan, with fix
suggested by Jun Omae.
+- :support:`2038` (via :issue:`2039`) Recent versions of Cryptography have
+ deprecated Blowfish algorithm support; in lieu of an easy method for users to
+ remove it from the list of algorithms Paramiko tries to import and use, we've
+ decided to remove it from our "preferred algorithms" list. This will both
+ discourage use of a weak algorithm, and avoid warnings. Credit for
+ report/patch goes to Mike Roest.
- :bug:`2008` (via :issue:`2010`) Windows-native SSH agent support as merged in
2.10 could encounter ``Errno 22`` ``OSError`` exceptions in some scenarios
(eg server not cleanly closing a relevant named pipe). This has been worked
@@ -40,12 +47,18 @@ Changelog
under Python 3.10. Thanks to Karthikeyan Singaravelan for the report,
``@Narendra-Neerukonda`` for the patch, and to Thomas Grainger and Jun Omae
for patch workshopping.
+- :feature:`1951` Add SSH config token expansion (eg ``%h``, ``%p``) when
+ parsing ``ProxyJump`` directives. Patch courtesy of Bruno Inec.
- :bug:`1964` (via :issue:`2024` as also reported in :issue:`2023`)
`~paramiko.pkey.PKey` instances' ``__eq__`` did not have the usual safety
guard in place to ensure they were being compared to another ``PKey`` object,
causing occasional spurious ``BadHostKeyException`` (among other things).
This has been fixed. Thanks to Shengdun Hua for the original report/patch and
to Christopher Papke for the final version of the fix.
+- :support:`2004` (via :issue:`2011`) Apply unittest ``skipIf`` to tests
+ currently using SHA1 in their critical path, to avoid failures on systems
+ starting to disable SHA1 outright in their crypto backends (eg RHEL 9).
+ Report & patch via Paul Howarth.
- :bug:`2035` Servers offering certificate variants of hostkey algorithms (eg
``ssh-rsa-cert-v01@openssh.com``) could not have their host keys verified by
Paramiko clients, as it only ever considered non-cert key types for that part
View Lorry Controller Status