Log message:
security/putty: Update to 0.83

Changelog:
0.83 is mostly a bug-fix release, but there are also two new features:

 - In SSH, we now support key exchange using the post-quantum
   algorithm "ML-KEM", recently standardised by NIST. This is our
   second supported post-quantum algorithm, in addition to NTRU Prime
   which has been in PuTTY since 0.78. At present, both algorithms are
   run in parallel with an existing classical algorithm, just in case.

 - On Windows, all of the PuTTY tools' file selector dialogs now
   support Unicode file names which don't fit into the system code
   page. (But like the rest of the recent Unicode additions, such
   filenames still can't reliably be stored in saved sessions.)

Bug fixes in this release include:

 - PSFTP's command line option '-b', for handling batch files of PSFTP
   commands, was completely broken in 0.82 as a side effect of Unicode
   support work. It's now fixed again.

 - PuTTY could fail an assertion if an SSH server timed out your
   connection while you were still at the login prompt, and then you
   selected 'Restart Session'.

 - Pageant could crash if you loaded a key into it still encrypted,
   started an SSH connection which caused Pageant to prompt for the
   key's passphrase, and then abandoned the SSH connection before
   entering the passphrase.

 - PuTTY could go into a tight loop, consuming CPU and not responding,
   if you configured the terminal answerback to the empty string.

 - Text entered into some edit boxes in the GUI configuration dialog
   was accidentally truncated to 127 characters before writing it into
   the saved configuration.

 - The default 32-bit Windows builds of PuTTY stopped running on
   Windows XP, not intentionally. (Windows would report them as
   incompatible.)

 - PuTTY's username and password prompts in the terminal accidentally
   stopped recognising the keystrokes Ctrl+M and Ctrl+J as ways to
   terminate an input line, which broke third-party tools which send
   keystrokes to PuTTY and expected those sequences to work.

 - Windows PuTTY could fail to update the window width and height
   fields in its configuration when resized via the PowerToys
   "FancyZones" tool, or any other tool that resize application
   windows by the same method.

 - On Unix PuTTY and pterm, the keys on the small keypad above the
   arrows (Home, End etc) could misbehave in some builds, including
   doing nothing at all.

Log message:
putty: fix build

Log message:
*: recursive bump for pango requiring fontconfig 2.15

Log message:
security/putty: Update to 0.82

Changelog:
These features are new in 0.82 (released 2024-11-27):

  * Major refactoring of Unicode handling to allow the use of 'foreign' Unicode
    characters, i.e. outside the system's configured default character set /
    code page. Not yet complete, but the following things work:
      + Windows console: usernames and passwords entered interactively into
        PSCP, PSFTP and Plink can use foreign characters.
      + Windows command line: usernames, remote commands, and filenames entered
        via command-line options can use foreign characters.
      + PuTTY's own terminal (on Windows and Unix): even if it's not configured
        into UTF-8 mode for the main session, interactive usernames and
        passwords can use foreign characters.
  * Unicode version update: all character analysis is updated to Unicode
    16.0.0.
  * Unicode terminal rendering: national and regional flags are now understood
    by PuTTY's terminal emulator. (However, correct display of those flags will
    depend on fonts and operating system.)
  * The Event Log mentions the local address and port number of the outgoing
    connection socket.
  * Bracketed paste mode can now be turned off in the Terminal > Features
    panel.
  * Unix Pageant: new --foreground mode for running as a subprocess.
  * Bug fix: the 'border width' configuration option is now honoured even when
    the window is maximised.
  * Bug fix: SHA-2 based RSA signatures are now sent with correct zero padding.
  * Bug fix: terminal wrap mishandling caused occasional incorrect redraws in
    curses-based applications.
  * Bug fix: Alt + function key in "Xterm 216+" mode sent a spurious extra
    escape character.

Log message:
*: recursive bump for default-on option of at-spi2-core

Log message:
putty: Make sure extensions mode is enabled for SunOS (sigprocmask)

Log message:
putty: update to 0.81.

PuTTY 0.81, released today, fixes a critical vulnerability
CVE-2024-31497 in the use of 521-bit ECDSA keys (ecdsa-sha2-nistp521).
If you have used a 521-bit ECDSA private key with any previous
version of PuTTY, consider the private key compromised: remove the
public key from authorized_keys files, and generate a new key pair.

However, this only affects that one algorithm and key size. No
other size of ECDSA key is affected, and no other key type is
affected.

Log message:
*: bump for cairo buildlink3.mk change

lzo was made an option

Log message:
* recursive bump for libxkbcommon 1.7.0

Marc Baudoin reported problems with using old binary packages
with the new libkxbcommon, so force everything to 1.7.0

Log message:
putty: update to 0.80.

PuTTY version 0.80 is released
------------------------------

This is a SECURITY UPDATE. We recommend that _everybody_ upgrade, as
soon as possible.

There is one security fix in this release:

 - Fix for a newly discovered security issue known as the 'Terrapin'
   attack, also numbered CVE-2023-48795. The issue affects widely-used
   OpenSSH extensions to the SSH protocol: the ChaCha20+Poly1305
   cipher system, and 'encrypt-then-MAC' mode.

   In order to benefit from the fix, you must be using a fixed version
   of PuTTY _and_ a server with the fix, so that they can agree to
   adopt a modified version of the protocol. Alternatively, you may be
   able to reconfigure PuTTY to avoid selecting any of the affected
   modes.

   If PuTTY 0.80 connects to an SSH server without the fix, it will
   warn you if the initial protocol negotiation chooses an insecure
   mode to run the connection in, so that you can abandon the
   connection. If it's possible to alter PuTTY's configuration to
   avoid the problem, then the warning message will tell you how to do
   it.

As well as this security fix, there are two other ordinary bug fixes
in 0.80:

 - On Windows, if you installed the MSI package, PuTTY could not find
   its help file. The help file was installed, but PuTTY wouldn't be
   able to open it, so the help buttons in its dialog boxes were
   missing.

 - Sometimes, if you were looking at the terminal scrollback, the view
   position would be reset to the bottom of the scrollback unwantedly,
   if the server sent terminal output that didn't actually cause
   anything to be printed.