diff options
author | Jeff Forcier <jeff@bitprophet.org> | 2018-09-18 21:12:16 -0700 |
---|---|---|
committer | Jeff Forcier <jeff@bitprophet.org> | 2018-09-18 21:12:16 -0700 |
commit | 81ba2acfaca0eebfa2d18abc29e407c6b3b65477 (patch) | |
tree | acd7852c3a87bf7c12187d2b3607c4ad93f2d909 | |
parent | a5ce12d4830e9d3661d1e4ccddef18e112386ee1 (diff) |
Almost left the 1.17+ marker in the changelog.
Would not necessarily have caused issues but hey
-rw-r--r-- | sites/www/changelog.rst | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index d6845e8e..ea400a14 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -7,10 +7,9 @@ Changelog This behavior probably didn't cause any outright errors, but it doesn't seem to conform to the RFCs and could cause (non-infinite) feedback loops in some scenarios (usually those involving Paramiko on both ends). -- :bug:`1283 (1.17+)` Fix exploit (CVE pending) in Paramiko's server mode - (**not** client mode) where hostile clients could trick the server into - thinking they were authenticated without actually submitting valid - authentication. +- :bug:`1283` Fix exploit (CVE pending) in Paramiko's server mode (**not** + client mode) where hostile clients could trick the server into thinking they + were authenticated without actually submitting valid authentication. Specifically, steps have been taken to start separating client and server related message types in the message handling tables within ``Transport`` and |