diff options
author | Jeff Forcier <jeff@bitprophet.org> | 2022-04-25 08:15:42 -0400 |
---|---|---|
committer | Jeff Forcier <jeff@bitprophet.org> | 2022-04-25 08:15:42 -0400 |
commit | d9eb35c69ab29a1ad7a9e3dd5325d4cab9dd2bc0 (patch) | |
tree | bfa73aede87b442db84627cbe9075d3082a1601f /sites | |
parent | 9151b5a5ef6634142cc810193a59630c863549c3 (diff) | |
parent | 47529be4385cffba6851f10e505f5683290d116e (diff) |
Merge branch '2.10'
Diffstat (limited to 'sites')
-rw-r--r-- | sites/www/changelog.rst | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 4c033ab3..eda7d1e5 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,10 +2,20 @@ Changelog ========= +- :bug:`1964` (via :issue:`2024` as also reported in :issue:`2023`) + `~paramiko.pkey.PKey` instances' ``__eq__`` did not have the usual safety + guard in place to ensure they were being compared to another ``PKey`` object, + causing occasional spurious ``BadHostKeyException`` (among other things). + This has been fixed. Thanks to Shengdun Hua for the original report/patch and + to Christopher Papke for the final version of the fix. - :support:`2004` (via :issue:`2011`) Apply unittest ``skipIf`` to tests currently using SHA1 in their critical path, to avoid failures on systems starting to disable SHA1 outright in their crypto backends (eg RHEL 9). Report & patch via Paul Howarth. +- :bug:`2035` Servers offering certificate variants of hostkey algorithms (eg + ``ssh-rsa-cert-v01@openssh.com``) could not have their host keys verified by + Paramiko clients, as it only ever considered non-cert key types for that part + of connection handshaking. This has been fixed. - :release:`2.10.3 <2022-03-18>` - :release:`2.9.3 <2022-03-18>` - :bug:`1963` (via :issue:`1977`) Certificate-based pubkey auth was |