diff options
Diffstat (limited to 'sites')
| -rw-r--r-- | sites/www/changelog.rst | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index df438626..920bca10 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -6,6 +6,7 @@ Changelog private key data is loaded, instead of the natural result of ``IndexError``. This should help more bits of Paramiko or Paramiko-adjacent codebases to correctly handle this class of error. Credit: Nicholas Dietz. +- :release:`2.11.0 <2022-05-16>` - :release:`2.10.5 <2022-05-16>` - :release:`2.9.5 <2022-05-16>` - :bug:`1933` Align signature verification algorithm with OpenSSH re: @@ -20,6 +21,12 @@ Changelog to what OpenSSH's own client does: a version check is performed and the algorithm used is downgraded if needed. Reported by Adarsh Chauhan, with fix suggested by Jun Omae. +- :support:`2038` (via :issue:`2039`) Recent versions of Cryptography have + deprecated Blowfish algorithm support; in lieu of an easy method for users to + remove it from the list of algorithms Paramiko tries to import and use, we've + decided to remove it from our "preferred algorithms" list. This will both + discourage use of a weak algorithm, and avoid warnings. Credit for + report/patch goes to Mike Roest. - :bug:`2008` (via :issue:`2010`) Windows-native SSH agent support as merged in 2.10 could encounter ``Errno 22`` ``OSError`` exceptions in some scenarios (eg server not cleanly closing a relevant named pipe). This has been worked @@ -33,12 +40,18 @@ Changelog under Python 3.10. Thanks to Karthikeyan Singaravelan for the report, ``@Narendra-Neerukonda`` for the patch, and to Thomas Grainger and Jun Omae for patch workshopping. +- :feature:`1951` Add SSH config token expansion (eg ``%h``, ``%p``) when + parsing ``ProxyJump`` directives. Patch courtesy of Bruno Inec. - :bug:`1964` (via :issue:`2024` as also reported in :issue:`2023`) `~paramiko.pkey.PKey` instances' ``__eq__`` did not have the usual safety guard in place to ensure they were being compared to another ``PKey`` object, causing occasional spurious ``BadHostKeyException`` (among other things). This has been fixed. Thanks to Shengdun Hua for the original report/patch and to Christopher Papke for the final version of the fix. +- :support:`2004` (via :issue:`2011`) Apply unittest ``skipIf`` to tests + currently using SHA1 in their critical path, to avoid failures on systems + starting to disable SHA1 outright in their crypto backends (eg RHEL 9). + Report & patch via Paul Howarth. - :bug:`2035` Servers offering certificate variants of hostkey algorithms (eg ``ssh-rsa-cert-v01@openssh.com``) could not have their host keys verified by Paramiko clients, as it only ever considered non-cert key types for that part |