In Paramiko before 2.10.1, a race condition (between creation and chmod) in the writeprivatekey_file function could allow unauthorized information disclosure.
{ "binaries": [ { "binary_name": "paramiko-doc", "binary_version": "1.16.0-1ubuntu0.2+esm2" }, { "binary_name": "python-paramiko", "binary_version": "1.16.0-1ubuntu0.2+esm2" }, { "binary_name": "python3-paramiko", "binary_version": "1.16.0-1ubuntu0.2+esm2" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }
{ "binaries": [ { "binary_name": "paramiko-doc", "binary_version": "2.0.0-1ubuntu1.3" }, { "binary_name": "python-paramiko", "binary_version": "2.0.0-1ubuntu1.3" }, { "binary_name": "python3-paramiko", "binary_version": "2.0.0-1ubuntu1.3" } ], "availability": "No subscription required" }