Wed, 01 Dec 2021 15:20:24 UTC

Information for build python-paramiko-2.7.0-1.fc32

Package Namepython-paramiko
SummarySSH2 protocol library for python
Built bypghmcfc
State complete
StartedWed, 04 Dec 2019 09:47:11 UTC
CompletedWed, 04 Dec 2019 09:48:23 UTC
Taskbuild (rawhide, /rpms/python-paramiko.git:8fcc17af1a3bb5ffe58f143d1600c237226ab787)
Extra{'source': {'original_url': 'git+'}}
python-paramiko-2.7.0-1.fc32.src.rpm (info) (download)
python-paramiko-doc-2.7.0-1.fc32.noarch.rpm (info) (download)
python3-paramiko-2.7.0-1.fc32.noarch.rpm (info) (download)
Changelog * Wed Dec 04 2019 Paul Howarth <> - 2.7.0-1 - Update to 2.7.0 - Implement support for OpenSSH 6.5-style private key files (typically denoted as having 'BEGIN OPENSSH PRIVATE KEY' headers instead of PEM format's 'BEGIN RSA PRIVATE KEY' or similar); if you were getting any sort of weird auth error from "modern" keys generated on newer operating system releases (such as macOS Mojave), this is the first update to try (GH#602, GH#618, GH#1313, GH#1343) - Token expansion in 'ssh_config' used a different method of determining the local username ('$USER' environment variable), compared to what the (much older) client connection code does ('getpass.getuser', which includes '$USER' but may check other variables first, and is generally much more comprehensive); both modules now use 'getpass.getuser' - A couple of outright '~paramiko.config.SSHConfig' parse errors were previously represented as vanilla 'Exception' instances; as part of recent feature work a more specific exception class, '~paramiko.ssh_exception.ConfigParseError', has been created; it is now also used in those older spots, which is naturally backwards compatible - Implement support for the 'Match' keyword in 'ssh_config' files; previously, this keyword was simply ignored and keywords inside such blocks were treated as if they were part of the previous block (GH#717) - Note: this feature adds a new optional install dependency 'Invoke' (, for managing 'Match exec' subprocesses - Additional installation 'extras_require' "flavors" ('ed25519', 'invoke', and 'all') have been added to our packaging metadata - Paramiko's use of 'subprocess' for 'ProxyCommand' support is conditionally imported to prevent issues on limited interpreter platforms like Google Compute Engine; however, any resulting 'ImportError' was lost instead of preserved for raising (in the rare cases where a user tried leveraging 'ProxyCommand' in such an environment); this has been fixed - Perform deduplication of 'IdentityFile' contents during 'ssh_config' parsing; previously, if your config would result in the same value being encountered more than once, 'IdentityFile' would contain that many copies of the same string - Implement most 'canonical hostname' 'ssh_config' functionality ('CanonicalizeHostname', 'CanonicalDomains', 'CanonicalizeFallbackLocal', and 'CanonicalizeMaxDots'; 'CanonicalizePermittedCNAMEs' has *not* yet been implemented) - all were previously silently ignored (GH#897) - Explicitly document which ssh_config features we currently support; previously users just had to guess, which is simply no good - Add new convenience classmethod constructors to '~paramiko.config.SSHConfig': '~paramiko.config.SSHConfig.from_text', '~paramiko.config.SSHConfig.from_file', and '~paramiko.config.SSHConfig.from_path'; no more annoying two-step process! - Add Recommends: of python3-invoke and python3-pyasn1 for optional functionality * Sun Oct 06 2019 Othman Madjoudj <> - 2.6.0-5 - Drop python2 subpackage since it's eol-ed * Thu Oct 03 2019 Miro Hrončok <> - 2.6.0-4 - Rebuilt for Python 3.8.0rc1 (#1748018) * Mon Aug 19 2019 Miro Hrončok <> - 2.6.0-3 - Rebuilt for Python 3.8 * Fri Jul 26 2019 Fedora Release Engineering <> - 2.6.0-2 - Rebuilt for * Thu Jun 27 2019 Paul Howarth <> - 2.6.0-1 - Update to 2.6.0 - Add a new keyword argument to 'SSHClient.connect' and '~paramiko.transport.Transport', 'disabled_algorithms', which allows selectively disabling one or more kex/key/cipher/etc algorithms; this can be useful when disabling algorithms your target server (or client) does not support cleanly, or to work around unpatched bugs in Paramiko's own implementation thereof (GH#1463) - Tweak many exception classes so their string representations are more human-friendly; this also includes incidental changes to some 'super()' calls (GH#1440, GH#1460) - Add backwards-compatible support for the 'gssapi' GSSAPI library, as the previous backend ('python-gssapi') has become defunct (GH#584, GH#1166, GH#1311) - 'SSHClient.exec_command' now returns a new subclass, '', rather than a naïve '' object for its 'stdin' value, which fixes issues such as hangs when running remote commands that read from stdin (GH#322) - Drop gssapi patch as it's no longer needed - Drop pytest-relaxed patch as it's no longer needed * Thu Jun 27 2019 Paul Howarth <> - 2.5.1-1 - Update to 2.5.1 - Fix Ed25519 key handling so certain key comment lengths don't cause 'SSHException("Invalid key")' (GH#1306, GH#1400) * Mon Jun 10 2019 Paul Howarth <> - 2.5.0-1 - Update to 2.5.0 - Add support for encrypt-then-MAC (ETM) schemes and two newer Diffie-Hellman group key exchange algorithms ('group14', using SHA256; and 'group16', using SHA512) - Add support for Curve25519 key exchange - Raise Cryptography dependency requirement to version 2.5 (from 1.5) and update some deprecated uses of its API - Add support for the modern (as of Python 3.3) import location of 'MutableMapping' (used in host key management) to avoid the old location becoming deprecated in Python 3.8 - Drop hard dependency on pyasn1 as it's only needed for optional GSSAPI functionality * Sat Feb 02 2019 Fedora Release Engineering <> - 2.4.2-2 - Rebuilt for * Tue Oct 09 2018 Paul Howarth <> - 2.4.2-1 - Update to 2.4.2 - Fix exploit (GH#1283, CVE-2018-1000805) in Paramiko’s server mode (not client mode) where hostile clients could trick the server into thinking they were authenticated without actually submitting valid authentication - Modify protocol message handling such that Transport does not respond to MSG_UNIMPLEMENTED with its own MSG_UNIMPLEMENTED; this behavior probably didn’t cause any outright errors, but it doesn’t seem to conform to the RFCs and could cause (non-infinite) feedback loops in some scenarios (usually those involving Paramiko on both ends) - Add *.pub files to the MANIFEST so distributed source packages contain some necessary test assets (GH#1262) - Test suite now requires mock ≥ 2.0.0 * Sat Jul 14 2018 Fedora Release Engineering <> - 2.4.1-5 - Rebuilt for * Wed Jun 20 2018 Miro Hrončok <> - 2.4.1-4 - Rebuilt for Python 3.7 - Remove dependency on on pytest-relaxed * Fri Mar 16 2018 Paul Howarth <> - 2.4.1-1 - Update to 2.4.1 - Fix a security flaw (GH#1175, CVE-2018-7750) in Paramiko's server mode (this does not impact client use) where authentication status was not checked before processing channel-open and other requests typically only sent after authenticating - Ed25519 auth key decryption raised an unexpected exception when given a unicode password string (typical in python 3) (GH#1039) * Fri Feb 09 2018 Fedora Release Engineering <> - 2.4.0-3 - Rebuilt for