Adress CVE 2023-48795
with paramiko
upgrade
#6430
Labels
backport
Issues which are backported to additional releases
bug
LTS
Issue must be included in LTS release line
Release management
Milestone
Description
See https://terrapin-attack.com
SSH authentication against Rucio is a rarely, if at all, used feature and it is not clear if the functionality we use would be affected by this vulnerability (It is a rather complex attack vector, likely not exploitable by an anonymous attacker). However updating the dependency is the prudent thing to do.
Steps to reproduce
none
Rucio Version
33, 32 LTS and 1.29 LTS
Additional Information
No response
The text was updated successfully, but these errors were encountered: