summaryrefslogtreecommitdiffhomepage
path: root/sites
diff options
context:
space:
mode:
authorJeff Forcier <jeff@bitprophet.org>2022-04-25 08:15:42 -0400
committerJeff Forcier <jeff@bitprophet.org>2022-04-25 08:15:42 -0400
commitd9eb35c69ab29a1ad7a9e3dd5325d4cab9dd2bc0 (patch)
treebfa73aede87b442db84627cbe9075d3082a1601f /sites
parent9151b5a5ef6634142cc810193a59630c863549c3 (diff)
parent47529be4385cffba6851f10e505f5683290d116e (diff)
Merge branch '2.10'
Diffstat (limited to 'sites')
-rw-r--r--sites/www/changelog.rst10
1 files changed, 10 insertions, 0 deletions
diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst
index 4c033ab3..eda7d1e5 100644
--- a/sites/www/changelog.rst
+++ b/sites/www/changelog.rst
@@ -2,10 +2,20 @@
Changelog
=========
+- :bug:`1964` (via :issue:`2024` as also reported in :issue:`2023`)
+ `~paramiko.pkey.PKey` instances' ``__eq__`` did not have the usual safety
+ guard in place to ensure they were being compared to another ``PKey`` object,
+ causing occasional spurious ``BadHostKeyException`` (among other things).
+ This has been fixed. Thanks to Shengdun Hua for the original report/patch and
+ to Christopher Papke for the final version of the fix.
- :support:`2004` (via :issue:`2011`) Apply unittest ``skipIf`` to tests
currently using SHA1 in their critical path, to avoid failures on systems
starting to disable SHA1 outright in their crypto backends (eg RHEL 9).
Report & patch via Paul Howarth.
+- :bug:`2035` Servers offering certificate variants of hostkey algorithms (eg
+ ``ssh-rsa-cert-v01@openssh.com``) could not have their host keys verified by
+ Paramiko clients, as it only ever considered non-cert key types for that part
+ of connection handshaking. This has been fixed.
- :release:`2.10.3 <2022-03-18>`
- :release:`2.9.3 <2022-03-18>`
- :bug:`1963` (via :issue:`1977`) Certificate-based pubkey auth was