From 493444b9db02aac1695d9effca9335f7e60c97d3 Mon Sep 17 00:00:00 2001 From: Florian Haas Date: Fri, 12 Oct 2018 11:32:07 +0200 Subject: [PATCH] Bump paramiko version The server-side vulnerability in Paramiko 2.1.5 does not affect us (we're only using Paramiko in client mode), but it doesn't hurt to require a version where the vulnerability is fixed. References: https://nvd.nist.gov/vuln/detail/CVE-2018-1000805 https://github.com/paramiko/paramiko/issues/1283
---
 requirements/base.txt | 2 +- setup.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/requirements/base.txt b/requirements/base.txt
index 53c7dd1a..deebc3aa 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -6,7 +6,7 @@ keystoneauth1==2.18.0
 python-keystoneclient==3.10.0
 python-heatclient==1.6.1
 python-novaclient==7.1.2
-paramiko==2.1.5
+paramiko==2.1.6
 celery==3.1.18
 apscheduler==3.5.1
 -e git+https://github.com/edx/xblock-utils.git@v1.0.5#egg=xblock-utils==v1.0.5
diff --git a/setup.py b/setup.py
index 53609560..b5a1645f 100755
--- a/setup.py
+++ b/setup.py
@@ -64,7 +64,7 @@ def package_data(pkg, roots):
 'python-keystoneclient==3.10.0',
 'python-heatclient==1.6.1',
 'python-novaclient==7.1.2',
- 'paramiko==2.1.5',
+ 'paramiko==2.1.6',
 'apscheduler==3.5.1',
 ],
 entry_points={