Package: python-paramiko Version: 1.7.1-1 Severity: grave Tags: security Justification: user security hole
Hi ! Using paramiko with threads or multiple forking processes may lead to data leak. You can find the explanation and a patch here: http://www.lag.net/pipermail/paramiko/2008-January/000599.html (look at the followup to fix an error in the patch proposed). Thanks. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.22-3-686-bigmem (SMP w/2 CPU cores) Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash Versions of packages python-paramiko depends on: ii python-crypto 2.0.1+dfsg1-2.1 cryptographic algorithms and proto ii python-support 0.7.6 automated rebuilding support for p python-paramiko recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]