Package: paramiko Version: 1.7.3-1 Severity: serious Tags: security, patch See http://www.lag.net/pipermail/paramiko/2008-April/000678.html
"Revision #486 [1] (and therefore Paramiko 1.7.3) re-introduces the problems associated with PyCrypto's RandomPool class that I described in my post back in January. RandomPool is not a simple "get random bits" primitive, but paramiko is again using it as one." Patch at http://www.lag.net/pipermail/paramiko/2008-April/000679.html This is fixed in the new upstream 1.7.4 as well. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
