========================================================================== Ubuntu Security Notice USN-3796-2 October 17, 2018 paramiko vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: Paramiko could allow unintended access to network services. Software Description: - paramiko: Python SSH2 library Details: USN-3796-1 fixed a vulnerability in paramiko. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Daniel Hoffman discovered that Paramiko incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: python-paramiko 1.7.7.1-2ubuntu1.2 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://usn.ubuntu.com/usn/usn-3796-2 https://usn.ubuntu.com/usn/usn-3796-1 CVE-2018-1000805