Publishing details
Changelog
putty (0.74-1+deb11u1) bullseye-security; urgency=medium
* Cherry-pick from upstream:
- CVE-2021-36367: New option to reject 'trivial' success of userauth
(closes: #990901).
- New macro PTRLEN_DECL_LITERAL.
- Extra utility function add_to_commasep_pl.
- CVE-2023-48795: Support OpenSSH's new strict kex feature (thanks to
Simon Tatham for backporting assistance).
Note that this does _not_ include upstream's added UI warning for
servers vulnerable to Terrapin, which was too difficult to backport to
this version.
-- Colin Watson <email address hidden> Fri, 22 Dec 2023 17:36:21 +0000
Builds
Package files