[Bug 1665565] [NEW] python-paramiko 1.16.0-1 incompatible with python-crypto 2.6.1-6ubuntu0.16.04.1
Kenneth Henderick
kenneth at ketronic.be
Fri Feb 17 08:20:59 UTC 2017
Public bug reported:
Since python-crypto 2.6.1-6ubuntu0.16.04.1 landed, it seems python-
paramiko 1.16.0-1 is not working anymore.
/usr/lib/python2.7/dist-packages/paramiko/client.pyc in connect(self, hostname, port, username, password, pkey, key_filename, timeout, allow_agent, look_for_keys, compress, sock, gss_auth, gss_kex, gss_deleg_creds, gss_host, banner_timeout)
323 if banner_timeout is not None:
324 t.banner_timeout = banner_timeout
--> 325 t.start_client()
326 ResourceManager.register(self, t)
327
/usr/lib/python2.7/dist-packages/paramiko/transport.pyc in start_client(self, event)
490 e = self.get_exception()
491 if e is not None:
--> 492 raise e
493 raise SSHException('Negotiation failed.')
494 if event.is_set():
ValueError: CTR mode needs counter parameter, not IV
Seems related to the fix for CVE-2013-7459
Extra information:
root at kh001:~# lsb_release -rd
Description: Ubuntu 16.04.1 LTS
Release: 16.04
root at kh001:~# apt-cache policy python-paramiko
python-paramiko:
Installed: 1.16.0-1
Candidate: 1.16.0-1
Version table:
*** 1.16.0-1 500
500 http://be.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
500 http://be.archive.ubuntu.com/ubuntu xenial/main i386 Packages
100 /var/lib/dpkg/status
root at kh001:~# apt-cache policy python-crypto
python-crypto:
Installed: 2.6.1-6ubuntu0.16.04.1
Candidate: 2.6.1-6ubuntu0.16.04.1
Version table:
*** 2.6.1-6ubuntu0.16.04.1 500
500 http://be.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages
100 /var/lib/dpkg/status
2.6.1-6build1 500
500 http://be.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
** Affects: paramiko (Ubuntu)
Importance: Undecided
Status: New
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-7459
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to paramiko in Ubuntu.
https://bugs.launchpad.net/bugs/1665565
Title:
python-paramiko 1.16.0-1 incompatible with python-crypto
2.6.1-6ubuntu0.16.04.1
Status in paramiko package in Ubuntu:
New
Bug description:
Since python-crypto 2.6.1-6ubuntu0.16.04.1 landed, it seems python-
paramiko 1.16.0-1 is not working anymore.
/usr/lib/python2.7/dist-packages/paramiko/client.pyc in connect(self, hostname, port, username, password, pkey, key_filename, timeout, allow_agent, look_for_keys, compress, sock, gss_auth, gss_kex, gss_deleg_creds, gss_host, banner_timeout)
323 if banner_timeout is not None:
324 t.banner_timeout = banner_timeout
--> 325 t.start_client()
326 ResourceManager.register(self, t)
327
/usr/lib/python2.7/dist-packages/paramiko/transport.pyc in start_client(self, event)
490 e = self.get_exception()
491 if e is not None:
--> 492 raise e
493 raise SSHException('Negotiation failed.')
494 if event.is_set():
ValueError: CTR mode needs counter parameter, not IV
Seems related to the fix for CVE-2013-7459
Extra information:
root at kh001:~# lsb_release -rd
Description: Ubuntu 16.04.1 LTS
Release: 16.04
root at kh001:~# apt-cache policy python-paramiko
python-paramiko:
Installed: 1.16.0-1
Candidate: 1.16.0-1
Version table:
*** 1.16.0-1 500
500 http://be.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
500 http://be.archive.ubuntu.com/ubuntu xenial/main i386 Packages
100 /var/lib/dpkg/status
root at kh001:~# apt-cache policy python-crypto
python-crypto:
Installed: 2.6.1-6ubuntu0.16.04.1
Candidate: 2.6.1-6ubuntu0.16.04.1
Version table:
*** 2.6.1-6ubuntu0.16.04.1 500
500 http://be.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages
100 /var/lib/dpkg/status
2.6.1-6build1 500
500 http://be.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/paramiko/+bug/1665565/+subscriptions
More information about the foundations-bugs
mailing list