Hello community, here is the log from the commit of package python-paramiko for openSUSE:Factory checked in at 2017-06-15 11:25:18 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-paramiko (Old) and /work/SRC/openSUSE:Factory/.python-paramiko.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-paramiko" Thu Jun 15 11:25:18 2017 rev:34 rq:503627 version:2.1.3 Changes: -------- --- /work/SRC/openSUSE:Factory/python-paramiko/python-paramiko.changes 2017-04-28 15:23:18.534578204 +0200 +++ /work/SRC/openSUSE:Factory/.python-paramiko.new/python-paramiko.changes 2017-06-15 11:25:52.734346523 +0200 @@ -1,0 +2,36 @@ +Sun Jun 11 16:32:09 UTC 2017 - [email protected] + +- update to 2.1.3 +* Make util.log_to_file append instead of replace. +* SSHClient and Transport could cause a memory leak if there’s a connection + problem or protocol error, even if Transport.close() is called. +* Prior support for ecdsa-sha2-nistp(384|521) algorithms didn’t fully extend + to covering host keys, preventing connection to hosts which only offer + these key types and no others. This is now fixed. +* Prefer newer ecdsa-sha2-nistp keys over RSA and DSA keys during host key + selection. This improves compatibility with OpenSSH, both in terms of general + behavior, and also re: ability to properly leverage OpenSSH-modified + known_hosts files. +* The RC4/arcfour family of ciphers has been broken since version 2.0; but since + the algorithm is now known to be completely insecure, we are opting + to remove support outright instead of fixing it. +* Move sha1 above the now-arguably-broken md5 in the list of preferred MAC + algorithms, as an incremental security improvement for users whose target + systems offer both. +* Writing encrypted/password-protected private key files was silently broken + since 2.0 due to an incorrect API call + Includes a directly related fix, namely adding the ability to read AES-256-CBC + ciphered private keys (which is now what we tend to write out as it is + Cryptography’s default private key cipher.) +* Allow any type implementing the buffer API to be used with BufferedFile, + Channel, and SFTPFile. This resolves a regression introduced in 1.13 + with the Python 3 porting changes, when using types such as memoryview. +* Enhance default cipher preference order such that aes(192|256)-cbc are preferred + over blowfish-cbc. +* SSHClient now requests the type of host key it has (e.g. from known_hosts) + and does not consider a different type to be a “Missing” host key. This fixes + a common case where an ECDSA key is in known_hosts and the server also has + an RSA host key. +* Overhaul the codebase to be PEP-8 + +------------------------------------------------------------------- Old: ---- paramiko-2.1.2.tar.gz New: ---- paramiko-2.1.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-paramiko.spec ++++++ --- /var/tmp/diff_new_pack.9OKXkL/_old 2017-06-15 11:25:53.370256756 +0200 +++ /var/tmp/diff_new_pack.9OKXkL/_new 2017-06-15 11:25:53.378255626 +0200 @@ -20,7 +20,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-paramiko -Version: 2.1.2 +Version: 2.1.3 Release: 0 Url: http://www.paramiko.org/ Summary: SSH2 protocol library @@ -28,12 +28,12 @@ Group: Development/Languages/Python Source: https://files.pythonhosted.org/packages/source/p/paramiko/paramiko-%{version}.tar.gz BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: fdupes -BuildRequires: python-rpm-macros -BuildRequires: %{python_module devel} -BuildRequires: %{python_module setuptools} BuildRequires: %{python_module cryptography >= 1.1} +BuildRequires: %{python_module devel} BuildRequires: %{python_module pyasn1 >= 0.1.7} +BuildRequires: %{python_module setuptools} +BuildRequires: fdupes +BuildRequires: python-rpm-macros Requires: python-cryptography >= 1.1 Requires: python-pyasn1 >= 0.1.7 BuildArch: noarch ++++++ paramiko-2.1.2.tar.gz -> paramiko-2.1.3.tar.gz ++++++ ++++ 9962 lines of diff (skipped)
