diff options
| author | Jeff Forcier <jeff@bitprophet.org> | 2023-12-18 14:43:49 -0500 |
|---|---|---|
| committer | Jeff Forcier <jeff@bitprophet.org> | 2023-12-18 14:43:49 -0500 |
| commit | 43980e7e4f700f78100e80c45a59b7d383af0b7b (patch) | |
| tree | 87047392d3dde8dd810a6d50076ebb73000a6c14 /sites | |
| parent | 207190669131764402e5f96dfa81e01a43d68677 (diff) | |
Mark recent bugs as major
Diffstat (limited to 'sites')
| -rw-r--r-- | sites/www/changelog.rst | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 7ff8cf4c..00f42a70 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -6,9 +6,9 @@ Changelog - :feature:`-` `Transport` grew a new ``packetizer_class`` kwarg for overriding the packet-handler class used internally. Mostly for testing, but advanced users may find this useful when doing deep hacks. -- :bug:`-` Address `CVE 2023-48795 <https://terrapin-attack.com/>`_ (aka the - "Terrapin Attack", a vulnerability found in the SSH protocol re: treatment of - packet sequence numbers) as follows: +- :bug:`- major` Address `CVE 2023-48795 <https://terrapin-attack.com/>`_ (aka + the "Terrapin Attack", a vulnerability found in the SSH protocol re: + treatment of packet sequence numbers) as follows: - The vulnerability only impacts encrypt-then-MAC digest algorithms in tandem with CBC ciphers, and ChaCha20-poly1305; of these, Paramiko @@ -38,8 +38,8 @@ Changelog Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk for submitting details on the CVE prior to release. -- :bug:`-` Tweak ``ext-info-(c|s)`` detection during KEXINIT protocol phase; - the original implementation made assumptions based on an OpenSSH +- :bug:`- major` Tweak ``ext-info-(c|s)`` detection during KEXINIT protocol + phase; the original implementation made assumptions based on an OpenSSH implementation detail. - :release:`3.3.1 <2023-07-28>` - :bug:`-` Cleaned up some very old root level files, mostly just to exercise |