diff options
| author | Jeff Forcier <jeff@bitprophet.org> | 2018-10-08 10:03:13 -0700 |
|---|---|---|
| committer | Jeff Forcier <jeff@bitprophet.org> | 2018-10-08 10:03:13 -0700 |
| commit | 608ace355cb2755e5326b255de648b238e43c1c9 (patch) | |
| tree | 896ef109d0d5f33e95c23d26b55fc8850ce65936 /sites | |
| parent | a48c8fe45fb1d171846fa8286254bdf039dd7f1a (diff) | |
Finally got a CVE re #1283
Diffstat (limited to 'sites')
| -rw-r--r-- | sites/www/changelog.rst | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 43543d2a..f7d06fdc 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -8,7 +8,7 @@ Changelog behavior probably didn't cause any outright errors, but it doesn't seem to conform to the RFCs and could cause (non-infinite) feedback loops in some scenarios (usually those involving Paramiko on both ends). -- :bug:`1283` Fix exploit (CVE pending) in Paramiko's server mode (**not** +- :bug:`1283` Fix exploit (CVE-2018-1000805) in Paramiko's server mode (**not** client mode) where hostile clients could trick the server into thinking they were authenticated without actually submitting valid authentication. |