Security update for python-paramiko

SUSE Security Update: Security update for python-paramiko

Announcement ID:	SUSE-SU-2019:0174-1
Rating:	important
References:	#1111151 #1115769 #1121846
Cross-References:	CVE-2018-1000805
Affected Products:	SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Basesystem 15

An update that solves one vulnerability and has two fixes is now available.

Description:

This update for python-paramiko to version 2.4.2 fixes the following issues:
Security issue fixed:

CVE-2018-1000805: Fixed an authentication bypass in auth_handler.py (bsc#1111151)

Non-security issue fixed:

Disable experimental gssapi support (bsc#1115769)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

SUSE Linux Enterprise Module for Public Cloud 15:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-2019-174=1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:
zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-174=1
SUSE Linux Enterprise Module for Basesystem 15:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-174=1

Package List:

SUSE Linux Enterprise Module for Public Cloud 15 (noarch):
- python3-paramiko-2.4.2-3.3.2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (noarch):
- python-paramiko-doc-2.4.2-3.3.2
SUSE Linux Enterprise Module for Basesystem 15 (noarch):
- python2-paramiko-2.4.2-3.3.2

Security update for python-paramiko

Description:

Patch Instructions:

Package List:

References:

Business-Critical Linux

Enterprise Container Management

Edge

Soluciones

Industries

Ofertas de asistencia

Servicios globales de SUSE

Recursos de asistencia

Partners

Communities

Acerca de