-
putty (0.63-8ubuntu0.1) utopic-security; urgency=medium
* SECURITY UPDATE: PuTTY did not properly wipe SSH-2 Private Keys from
system memory, which can allow local users to obtain sensitive information
by reading the memory. (LP: #1467631)
- debian/patches/private-key-not-wiped-2.patch: Add in fix patch from
Debian 0.63-10 packaging. Thanks to Patrick Coleman for the original
patch.
- CVE-2015-2157
-- Thomas Ward <email address hidden> Mon, 22 Jun 2015 14:12:25 -0400
-
putty (0.63-8) unstable; urgency=medium
* Backport from upstream (Simon Tatham), suggested by Jacob Nevins:
- Fix incorrect handling of saved sessions with a dynamic SOCKS tunnel
bound to a specific protocol (IPv4 or IPv6).
-- Colin Watson <email address hidden> Sun, 12 Oct 2014 20:47:42 +0100
-
putty (0.63-7) unstable; urgency=medium
* Build with all hardening options. (Thanks to somebody whose e-mail I
unfortunately deleted by mistake and so cannot reply to it ...)
-- Colin Watson <email address hidden> Sun, 24 Aug 2014 00:29:36 +0100
-
putty (0.63-5) unstable; urgency=medium
* Backport from upstream (Simon Tatham):
- Fix an annoying timer-handling warning from current versions of GTK.
-- Colin Watson <email address hidden> Mon, 21 Apr 2014 21:57:57 +0100
-
putty (0.63-4) unstable; urgency=medium
* Backport from upstream (Simon Tatham):
- Fix assertion failure in Unix PuTTYgen exports (LP: #1289176).
-- Colin Watson <email address hidden> Tue, 08 Apr 2014 12:19:08 +0100