Описание
Security update for python-paramiko
This update for python-paramiko fixes the following issues:
- CVE-2022-24302: Fixed a race condition between creation and chmod when writing private keys. (bsc#1197279)
Список пакетов
Image SLES12-SP4-Azure-BYOS
python3-paramiko-2.4.0-9.13.1
Image SLES12-SP4-SAP-Azure-BYOS
python3-paramiko-2.4.0-9.13.1
Image SLES12-SP5-Azure-BYOS
python3-paramiko-2.4.0-9.13.1
Image SLES12-SP5-Azure-Basic-On-Demand
python3-paramiko-2.4.0-9.13.1
Image SLES12-SP5-Azure-HPC-BYOS
python3-paramiko-2.4.0-9.13.1
Image SLES12-SP5-Azure-HPC-On-Demand
python3-paramiko-2.4.0-9.13.1
Image SLES12-SP5-Azure-SAP-BYOS
python3-paramiko-2.4.0-9.13.1
Image SLES12-SP5-Azure-SAP-On-Demand
python3-paramiko-2.4.0-9.13.1
Image SLES12-SP5-Azure-Standard-On-Demand
python3-paramiko-2.4.0-9.13.1
SUSE Linux Enterprise Module for Public Cloud 12
python-paramiko-2.4.0-9.13.1
python-paramiko-doc-2.4.0-9.13.1
python3-paramiko-2.4.0-9.13.1
Ссылки
- Link for SUSE-SU-2022:1447-1
- E-Mail link for SUSE-SU-2022:1447-1
- SUSE Security Ratings
- SUSE Bug 1197279
- SUSE CVE CVE-2022-24302 page
Описание
In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.
Затронутые продукты
Image SLES12-SP4-Azure-BYOS:python3-paramiko-2.4.0-9.13.1
Image SLES12-SP4-SAP-Azure-BYOS:python3-paramiko-2.4.0-9.13.1
Image SLES12-SP5-Azure-BYOS:python3-paramiko-2.4.0-9.13.1
Image SLES12-SP5-Azure-Basic-On-Demand:python3-paramiko-2.4.0-9.13.1
Ссылки
- CVE-2022-24302
- SUSE Bug 1197279