Category Archives: Advisories

Advisories

ghostwriter-2.1.2-1.fc36

Read Time:8 Second

FEDORA-2022-c42d02e5e5

Packages in this update:

ghostwriter-2.1.2-1.fc36

Update description:

Updated to version 2.1.2 with CVE-2022-24724 vulnerability fix.

Read More

Advisories

python-paramiko-2.4.3-2.el8

Read Time:30 Second

FEDORA-EPEL-2022-ad126686cf

Packages in this update:

python-paramiko-2.4.3-2.el8

Update description:

CVE-2022-24302: Creation of new private key files using ~paramiko.pkey.PKey subclasses was subject to a race condition between file creation and mode modification, which could be exploited by an attacker with knowledge of where the Paramiko-using code would write out such files; this has been patched by using os.open and os.fdopen to ensure new files are opened with the correct mode immediately (we’ve left the subsequent explicit ‘chmod’ in place to minimize any possible disruption).

Read More

Advisories

python-paramiko-2.10.1-1.fc35

Read Time:32 Second

FEDORA-2022-8eb95d8611

Packages in this update:

python-paramiko-2.10.1-1.fc35

Update description:

CVE-2022-24302: Creation of new private key files using ~paramiko.pkey.PKey subclasses was subject to a race condition between file creation and mode modification, which could be exploited by an attacker with knowledge of where the Paramiko-using code would write out such files; this has been patched by using os.open and os.fdopen to ensure new files are opened with the correct mode immediately (we’ve left the subsequent explicit ‘chmod’ in place to minimize any possible disruption, though it may get removed in future backwards-incompatible updates).

Read More

Advisories

python-paramiko-2.10.1-1.fc36

Read Time:32 Second

FEDORA-2022-bb5c461682

Packages in this update:

python-paramiko-2.10.1-1.fc36

Update description:

CVE-2022-24302: Creation of new private key files using ~paramiko.pkey.PKey subclasses was subject to a race condition between file creation and mode modification, which could be exploited by an attacker with knowledge of where the Paramiko-using code would write out such files; this has been patched by using os.open and os.fdopen to ensure new files are opened with the correct mode immediately (we’ve left the subsequent explicit ‘chmod’ in place to minimize any possible disruption, though it may get removed in future backwards-incompatible updates).

Read More

Advisories

python-paramiko-2.10.1-1.fc34

Read Time:32 Second

FEDORA-2022-806492f1d1

Packages in this update:

python-paramiko-2.10.1-1.fc34

Update description:

CVE-2022-24302: Creation of new private key files using ~paramiko.pkey.PKey subclasses was subject to a race condition between file creation and mode modification, which could be exploited by an attacker with knowledge of where the Paramiko-using code would write out such files; this has been patched by using os.open and os.fdopen to ensure new files are opened with the correct mode immediately (we’ve left the subsequent explicit ‘chmod’ in place to minimize any possible disruption, though it may get removed in future backwards-incompatible updates).

Read More