python-paramiko 1.16.0-1 incompatible with python-crypto 2.6.1-6ubuntu0.16.04.1
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
MySQL Workbench |
Invalid
|
Undecided
|
Unassigned | ||
OpenStack Charm Test Infra |
Fix Released
|
Critical
|
Ryan Beisner | ||
paramiko (Ubuntu) |
Invalid
|
Critical
|
Ubuntu Security Team |
Bug Description
Since python-crypto 2.6.1-6ubuntu0.
/usr/lib/
323 if banner_timeout is not None:
324 t.banner_timeout = banner_timeout
--> 325 t.start_client()
326 ResourceManager
327
/usr/lib/
490 e = self.get_
491 if e is not None:
--> 492 raise e
493 raise SSHException(
494 if event.is_set():
ValueError: CTR mode needs counter parameter, not IV
Seems related to the fix for CVE-2013-7459
Extra information:
root@kh001:~# lsb_release -rd
Description: Ubuntu 16.04.1 LTS
Release: 16.04
root@kh001:~# apt-cache policy python-paramiko
python-paramiko:
Installed: 1.16.0-1
Candidate: 1.16.0-1
Version table:
*** 1.16.0-1 500
500 http://
500 http://
100 /var/lib/
root@kh001:~# apt-cache policy python-crypto
python-crypto:
Installed: 2.6.1-6ubuntu0.
Candidate: 2.6.1-6ubuntu0.
Version table:
*** 2.6.1-6ubuntu0.
500 http://
500 http://
100 /var/lib/
2.6.1-6build1 500
500 http://
CVE References
Changed in charm-test-infra: | |
assignee: | nobody → Ryan Beisner (1chb1n) |
importance: | Undecided → Critical |
status: | New → Confirmed |
tags: | added: uosci |
tags: | added: trusty xenial |
tags: | added: regression-update |
tags: | added: oil |
Changed in paramiko (Ubuntu): | |
assignee: | nobody → Ubuntu Security Team (ubuntu-security) |
Status changed to 'Confirmed' because the bug affects multiple users.