# HG changeset patch # User Jeff Forcier <jeff@bitprophet.org> # Date 1664289564 14400 # Tue Sep 27 10:39:24 2022 -0400 # Node ID 4d18a7bd8640e50bad083635ef75cb69af9fa56a # Parent 7c97063c00d014c57cef77bf00177993dfd32309 Mark CVE bug as 2.10-only in changelog diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -69,7 +69,7 @@ <https://bitprophet.org/projects/#roadmap>`_. - :release:`2.10.1 <2022-03-11>` -- :bug:`-` (`CVE-2022-24302 +- :bug:`- (2.10+)` (`CVE-2022-24302 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24302>`_) Creation of new private key files using `~paramiko.pkey.PKey` subclasses was subject to a race condition between file creation & mode modification, which could be