Merge branch 'master' into 983-int

author: Jeff Forcier <jeff@bitprophet.org> 2017-06-06 13:26:43 -0700
committer: Jeff Forcier <jeff@bitprophet.org> 2017-06-06 13:26:43 -0700
commit: 63dd0e2c2aa2413dd1032de5b2be5b9cc46dac2b (patch)
tree: 5dd1b9bd36792759d412ed8a2780681cf1b952c8 /sites/www
parent: c1233679c448b445ec991710d259eec0a9f64b61 (diff)
parent: 1c88acaac8afd7d0dbf0062bcabff1795a4a729f (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst
index 3f45334d..2e09a5c3 100644
--- a/sites/www/changelog.rst
+++ b/sites/www/changelog.rst
@@ -2,6 +2,18 @@
 Changelog
 =========
 
+* :bug:`-` (partial application of :issue:`983`) Move ``sha1`` above the
+  now-arguably-broken ``md5`` in the list of preferred MAC algorithms, as an
+  incremental security improvement for users whose target systems offer both.
+  Credit: Pierce Lopez.
+* :bug:`667` The RC4/arcfour family of ciphers has been broken since version
+  2.0; but since the algorithm is now known to be completely insecure, we are
+  opting to remove support outright instead of fixing it. Thanks to Alex Gaynor
+  for catch & patch.
+* :feature:`857` Allow `SSHClient.set_missing_host_key_policy
+  <paramiko.client.SSHClient.set_missing_host_key_policy>` to accept policy
+  classes _or_ instances, instead of only instances, thus fixing a
+  long-standing gotcha for unaware users.
 * :feature:`951` Add support for ECDH key exchange (kex), specifically the
   algorithms ``ecdh-sha2-nistp256``, ``ecdh-sha2-nistp384``, and
   ``ecdh-sha2-nistp521``. Thanks to Shashank Veerapaneni for the patch.
author	Jeff Forcier <jeff@bitprophet.org>	2017-06-06 13:26:43 -0700
committer	Jeff Forcier <jeff@bitprophet.org>	2017-06-06 13:26:43 -0700
commit	63dd0e2c2aa2413dd1032de5b2be5b9cc46dac2b (patch)
tree	5dd1b9bd36792759d412ed8a2780681cf1b952c8 /sites/www
parent	c1233679c448b445ec991710d259eec0a9f64b61 (diff)
parent	1c88acaac8afd7d0dbf0062bcabff1795a4a729f (diff)