Hello community, here is the log from the commit of package python-paramiko for openSUSE:Factory checked in at 2018-10-15 10:05:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-paramiko (Old) and /work/SRC/openSUSE:Factory/.python-paramiko.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-paramiko" Mon Oct 15 10:05:10 2018 rev:39 rq:640326 version:2.4.2 Changes: -------- --- /work/SRC/openSUSE:Factory/python-paramiko/python-paramiko.changes 2018-03-26 13:01:50.179994520 +0200 +++ /work/SRC/openSUSE:Factory/.python-paramiko.new/python-paramiko.changes 2018-10-15 10:05:18.493931742 +0200 @@ -1,0 +2,14 @@ +Fri Oct 5 08:26:46 UTC 2018 - Ondřej Súkup <mimi...@gmail.com> + +- update to 2.4.2 +- refresh paramiko-test_extend_timeout.patch + * Fix exploit (CVE pending) in Paramiko's server mode (not client mode) + where hostile clients could trick the server into thinking they were + authenticated without actually submitting valid authentication. + * Modify protocol message handling such that Transport does not respond + to MSG_UNIMPLEMENTED with its own MSG_UNIMPLEMENTED + * Updated SSHConfig.lookup <paramiko.config.SSHConfig.lookup> so it returns + a new, type-casting-friendly dict subclass (~paramiko.config.SSHConfigDict) + in lieu of dict literals. + +------------------------------------------------------------------- Old: ---- paramiko-2.4.1.tar.gz New: ---- paramiko-2.4.2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-paramiko.spec ++++++ --- /var/tmp/diff_new_pack.ZE6Jv8/_old 2018-10-15 10:05:19.101931089 +0200 +++ /var/tmp/diff_new_pack.ZE6Jv8/_new 2018-10-15 10:05:19.101931089 +0200 @@ -12,25 +12,23 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # -%bcond_without test - %{?!python_module:%define python_module() python-%{**} python3-%{**}} +%bcond_without test Name: python-paramiko -Version: 2.4.1 +Version: 2.4.2 Release: 0 -Url: http://www.paramiko.org/ Summary: SSH2 protocol library License: LGPL-2.1-or-later Group: Development/Languages/Python +URL: http://www.paramiko.org/ Source: https://files.pythonhosted.org/packages/source/p/paramiko/paramiko-%{version}.tar.gz # certificates needed by testsuite Source1: cert_support.tar.gz Patch0: paramiko-test_extend_timeout.patch -BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: %{python_module PyNaCl >= 1.0.1} BuildRequires: %{python_module bcrypt >= 3.1.3} BuildRequires: %{python_module cryptography >= 1.1} @@ -39,17 +37,16 @@ BuildRequires: %{python_module setuptools} BuildRequires: fdupes BuildRequires: python-rpm-macros -%if %{with test} - -BuildRequires: %{python_module pytest-relaxed} -BuildRequires: %{python_module pytest} -%endif Requires: python-PyNaCl >= 1.0.1 Requires: python-bcrypt >= 3.1.3 Requires: python-cryptography >= 1.5 Requires: python-pyasn1 >= 0.1.7 BuildArch: noarch - +%if %{with test} +BuildRequires: %{python_module mock} +BuildRequires: %{python_module pytest-relaxed} +BuildRequires: %{python_module pytest} +%endif %python_subpackages %description @@ -92,11 +89,12 @@ %endif %files %{python_files} -%defattr(-,root,root) -%doc LICENSE README.rst +%license LICENSE +%doc README.rst %{python_sitelib}/* %files -n python-paramiko-doc -%doc LICENSE demos/ +%license LICENSE +%doc demos/ %changelog ++++++ paramiko-2.4.1.tar.gz -> paramiko-2.4.2.tar.gz ++++++ ++++ 30640 lines of diff (skipped) ++++++ paramiko-test_extend_timeout.patch ++++++ --- /var/tmp/diff_new_pack.ZE6Jv8/_old 2018-10-15 10:05:19.357930814 +0200 +++ /var/tmp/diff_new_pack.ZE6Jv8/_new 2018-10-15 10:05:19.357930814 +0200 @@ -1,11 +1,13 @@ ---- paramiko-2.4.1/tests/test_buffered_pipe.py 2018/03/15 17:40:29 1.1 -+++ paramiko-2.4.1/tests/test_buffered_pipe.py 2018/03/15 17:40:36 -@@ -69,7 +69,7 @@ +Index: paramiko-2.4.2/tests/test_buffered_pipe.py +=================================================================== +--- paramiko-2.4.2.orig/tests/test_buffered_pipe.py ++++ paramiko-2.4.2/tests/test_buffered_pipe.py +@@ -69,7 +69,7 @@ class BufferedPipeTest(unittest.TestCase self.assertTrue(False) except PipeTimeout: pass -- self.assertEqual(b'b', p.read(1, 1.0)) -+ self.assertEqual(b'b', p.read(1, 3.0)) - self.assertEqual(b'', p.read(1)) +- self.assertEqual(b"b", p.read(1, 1.0)) ++ self.assertEqual(b"b", p.read(1, 3.0)) + self.assertEqual(b"", p.read(1)) def test_3_close_while_reading(self):