lp:ubuntu/trusty-security/putty
- Get this branch:
- bzr branch lp:ubuntu/trusty-security/putty
Branch merges
Branch information
Recent revisions
- 32. By Thomas Ward
-
* SECURITY UPDATE: PuTTY did not properly wipe SSH-2 Private Keys from
system memory, which can allow local users to obtain sensitive information
by reading the memory. (LP: #1467631)
- debian/patches/ private- key-not- wiped-2. patch: Add in fix patch from
Debian 0.63-10 packaging. Thanks to Patrick Coleman for the original
patch.
- CVE-2015-2157 - 31. By Colin Watson
-
* Backport from upstream (Simon Tatham):
- Fix assertion failure in Unix PuTTYgen exports (LP: #1289176). - 30. By Colin Watson
-
* Use dh-autoreconf, with the aid of a few upstream patches to make things
work with current autotools.
* Backport upstream patch to add some assertions in sshzlib.c, fixing
build with -O3. - 28. By Colin Watson
-
* New upstream release.
- CVE-2013-4206: Buffer underrun in modmul could corrupt the heap.
- CVE-2013-4852: Negative string length in public-key signatures could
cause integer overflow and overwrite all of memory (closes: #718779).
- CVE-2013-4207: Non-coprime values in DSA signatures can cause buffer
overflow in modular inverse.
- CVE-2013-4208: Private keys were left in memory after being used by
PuTTY tools.
- Allow using a bold colour and a bold font at the same time (closes:
#193352).
- Use a monotonic clock (closes: #308552).
* Switch to the Autotools-based build system.
* Upgrade to debhelper v9. - 27. By Colin Watson
-
* Backport from upstream (Ben Harris, Simon Tatham):
- Avoid function pointer comparison when using clang. - 26. By Colin Watson
-
* Backport from upstream (Simon Tatham, closes: #701425):
- Check the return values of setuid and friends.
- Remove the half-hearted attempt to make the utmp helper process drop
privileges just before dying of a fatal signal. - 25. By Colin Watson
-
* Backport from upstream (Simon Tatham):
- Fix handling of non-default numeric keypad modes when Num Lock is on
(closes: #680261). - 24. By Colin Watson
-
* Backport from upstream (Simon Tatham):
- Support dead keys and compose sequences (closes: #221786, #250464). - 23. By Colin Watson
-
* Add System category to pterm.desktop (closes: #678126).
* Use dpkg-buildflags to enable hardening options.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/wily/putty