[ol10_u0_developer_EPEL] python3-paramiko-3.5.0-1.el10_0.noarch

Name:	python3-paramiko
Version:	3.5.0
Release:	1.el10_0
Architecture:	noarch
Group:	Unspecified
Size:	1764475
License:	LGPL-2.1-or-later
RPM:	python3-paramiko-3.5.0-1.el10_0.noarch.rpm
Source RPM:	python-paramiko-3.5.0-1.el10_0.src.rpm
Build Date:	Tue Feb 04 2025
Build Host:	build-ol10-x86_64.oracle.com
Vendor:	Oracle America
URL:	https://github.com/paramiko/paramiko
Summary:	SSH2 protocol library for python
Description:	Paramiko (a combination of the Esperanto words for "paranoid" and "friend") is a module for python 2.3 or greater that implements the SSH2 protocol for secure (encrypted and authenticated) connections to remote machines. Unlike SSL (aka TLS), the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. You may know SSH2 as the protocol that replaced telnet and rsh for secure access to remote shells, but the protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel (this is how sftp works, for example). Python 3 version.

Changelog (Show File list) (Show related packages)

Mon Sep 16 2024 Paul Howarth <paul@city-fan.org> - 3.5.0-1

- Update to 3.5.0 (rhbz#2312503)
  - Add support for AES-GCM encryption ciphers (128 and 256 bit variants)
    (GH#982, GH#2157, GH#2444, rhbz#2311855); this functionality has been
    tested in client mode against OpenSSH 9.0, 9.2 and 9.6, as well as against
    a number of proprietary appliance SSH servers
  - Check for 'None' transport members inside '~paramiko.channel.Channel' when
    closing the channel; this likely doesn't come up much in the real world,
    but was causing warnings in the test suite

Mon Aug 12 2024 Paul Howarth <paul@city-fan.org> - 3.4.1-1

- Update to 3.4.1
  - Massage our import of the TripleDES cipher to support Cryptography ≥ 43;
    this should prevent 'CryptographyDeprecationWarning' from appearing upon
    import (GH#2419, GH#2421)
  - Modify a test-harness skiptest check to work with newer versions of
    Cryptography (GH#2420)
  - Fix a 64-bit-ism in the test suite so the tests don't encounter a false
    negative on 32-bit systems (GH#2353)

Mon Jul 22 2024 Paul Howarth <paul@city-fan.org> - 3.4.0-6

- Fix detection of SHA1 signing support
  https://github.com/paramiko/paramiko/pull/2420
  https://github.com/pyca/cryptography/issues/11332
  https://github.com/PyO3/pyo3/issues/3059
- Remove cache Sphinx build folder ".doctrees"

Fri Jul 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.4.0-5
```
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
```
Sat Jun 08 2024 Python Maint <python-maint@redhat.com> - 3.4.0-4
```
- Rebuilt for Python 3.13
```
Fri Jan 26 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.4.0-3
```
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
```
Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.4.0-2
```
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
```

Tue Dec 19 2023 Gwyn Ciesla <gwync@protonmail.com> - 3.4.0-1

- 3.4.0
  - 'Transport' grew a new 'packetizer_class' kwarg for overriding the
    packet-handler class used internally (mostly for testing, but advanced
    users may find this useful when doing deep hacks)
  - Address CVE 2023-48795 (https://terrapin-attack.com/) a.k.a. the "Terrapin
    Attack", a vulnerability found in the SSH protocol re: treatment of packet
    sequence numbers) as follows:
    - The vulnerability only impacts encrypt-then-MAC digest algorithms in
      tandem with CBC ciphers, and ChaCha20-poly1305; of these, Paramiko
      currently only implements 'hmac-sha2-(256|512)-etm' in tandem with
      'AES-CBC'; if you are unable to upgrade to Paramiko versions containing
      the below fixes right away, you may instead use the 'disabled_algorithms'
      connection option to disable the ETM MACs and/or the CBC ciphers (this
      option is present in Paramiko ≥ 2.6)
    - As the fix for the vulnerability requires both ends of the connection to
      cooperate, the below changes will only take effect when the remote end is
      OpenSSH ≥ 9.6 (or equivalent, such as Paramiko in server mode, as of this
      patch version) and configured to use the new "strict kex" mode (Paramiko
      will always attempt to use "strict kex" mode if offered by the server,
      unless you override this by specifying 'strict_kex=False' in
      'Transport.__init__')
    - Paramiko will now raise an 'SSHException' subclass ('MessageOrderError')
      when protocol messages are received in unexpected order; this includes
      situations like receiving 'MSG_DEBUG' or 'MSG_IGNORE' during initial key
      exchange, which are no longer allowed during strict mode
    - Key (re)negotiation -- i.e. 'MSG_NEWKEYS', whenever it is encountered --
      now resets packet sequence numbers (this should be invisible to users
      during normal operation, only causing exceptions if the exploit is
      encountered, which will usually result in, again, 'MessageOrderError')
    - Sequence number rollover will now raise 'SSHException' if it occurs
      during initial key exchange (regardless of strict mode status)
  - Tweak 'ext-info-(c|s)' detection during KEXINIT protocol phase; the
    original implementation made assumptions based on an OpenSSH implementation
    detail

Sun Jul 30 2023 Paul Howarth <paul@city-fan.org> - 3.3.1-1

- Update to 3.3.1 (rhbz#2227478)
  - Cleaned up some very old root level files, mostly just to exercise some of
    our doc build and release machinery

Fri Jul 28 2023 Gwyn Ciesla <gwync@protonmail.com> - 3.3.0-1

- 3.3.0
  - Add support and tests for 'Match final ..' (frequently used in ProxyJump
    configurations to exclude the jump host) to our SSH config parser (GH#1907,
    GH#1992)
  - Add an explicit 'max_concurrent_prefetch_requests' argument to
    'paramiko.client.SSHClient.get' and 'paramiko.client.SSHClient.getfo',
    allowing users to limit the number of concurrent requests used during
    prefetch (GH#1587, GH#2058)