In Paramiko before 2.10.1, a race condition (between creation and chmod) in the writeprivatekey_file function could allow unauthorized information disclosure.
{ "ubuntu_priority": "medium" }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "python-paramiko": "1.16.0-1ubuntu0.2+esm2", "python3-paramiko": "1.16.0-1ubuntu0.2+esm2", "paramiko-doc": "1.16.0-1ubuntu0.2+esm2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "python-paramiko": "2.0.0-1ubuntu1.3", "python3-paramiko": "2.0.0-1ubuntu1.3", "paramiko-doc": "2.0.0-1ubuntu1.3" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "python3-paramiko": "2.6.0-2ubuntu0.1", "paramiko-doc": "2.6.0-2ubuntu0.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "python3-paramiko": "2.8.1-1ubuntu3", "paramiko-doc": "2.8.1-1ubuntu3" } ] }