In Paramiko before 2.10.1, a race condition (between creation and chmod) in the writeprivatekey_file function could allow unauthorized information disclosure.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.16.0-1ubuntu0.2+esm2", "binary_name": "paramiko-doc" }, { "binary_version": "1.16.0-1ubuntu0.2+esm2", "binary_name": "python-paramiko" }, { "binary_version": "1.16.0-1ubuntu0.2+esm2", "binary_name": "python3-paramiko" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2.0.0-1ubuntu1.3", "binary_name": "paramiko-doc" }, { "binary_version": "2.0.0-1ubuntu1.3", "binary_name": "python-paramiko" }, { "binary_version": "2.0.0-1ubuntu1.3", "binary_name": "python3-paramiko" } ] }