Univention Bugzilla – Bug 54581
paramiko: Multiple issues (4.4)
Last modified: 2022-03-30 12:16:46 CEST
New Debian paramiko 2.0.0-1+deb9u2 fixes: This update addresses the following issue: * Race condition in the write_private_key_file function (CVE-2022-24302)
--- mirror/ftp/4.4/unmaintained/component/4.4-8-errata/source/paramiko_2.0.0-1+deb9u1.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/paramiko_2.0.0-1+deb9u2.dsc @@ -1,3 +1,10 @@ +2.0.0-1+deb9u2 [Mon, 21 Mar 2022 11:13:38 +0000] Chris Lamb <lamby@debian.org>: + + * Non-maintainer upload by the LTS Team. + * CVE-2022-24302: Prevent a race condition during the creation of private + keys which could have let to unauthorised information disclosure. + (Closes: #1008012) + 2.0.0-1+deb9u1 [Tue, 28 Dec 2021 02:09:08 +0530] Utkarsh Gupta <utkarsh@debian.org>: * Non-maintainer upload by the LTS Team. <http://piuparts.knut.univention.de/4.4-8/#6541131857078715043>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-8] 24391df13a Bug #54581: paramiko 2.0.0-1+deb9u2 doc/errata/staging/paramiko.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x1210>