Path to this page:
Subject: CVS commit: [pkgsrc-2013Q2] pkgsrc/security/putty
From: Matthias Scheler
Date: 2013-08-21 21:40:13
Message id: 20130821194013.85C8296@cvs.netbsd.org
Log Message:
Pullup ticket #4216 - requested by drochner
security/putty: security update
Revisions pulled up:
- security/putty/Makefile 1.34-1.35
- security/putty/distinfo 1.14-1.15
- security/putty/patches/patch-CVE-2013-4852-1 deleted
- security/putty/patches/patch-CVE-2013-4852-2 deleted
- security/putty/patches/patch-import.c 1.2-1.3
- security/putty/patches/patch-terminal.c deleted
- security/putty/patches/patch-timing.c 1.2
- security/putty/patches/patch-unix_gtkfont_c deleted
- security/putty/patches/patch-unix_gtkwin.c 1.3
- security/putty/patches/patch-unix_uxnet.c 1.2
- security/putty/patches/patch-unix_uxucs.c 1.2
- security/putty/patches/patch-windows_window.c 1.2
---
Module Name: pkgsrc
Committed By: drochner
Date: Tue Aug 6 12:23:37 UTC 2013
Modified Files:
pkgsrc/security/putty: Makefile distinfo
pkgsrc/security/putty/patches: patch-import.c
Added Files:
pkgsrc/security/putty/patches: patch-CVE-2013-4852-1
patch-CVE-2013-4852-2
Log Message:
add patch from upstream to fix possible heap overflow in SSH handshake
due to integer overflow (CVE-2013-4852)
bump PKGREV
---
Module Name: pkgsrc
Committed By: drochner
Date: Wed Aug 7 11:06:39 UTC 2013
Modified Files:
pkgsrc/security/putty: Makefile distinfo
pkgsrc/security/putty/patches: patch-import.c patch-timing.c
patch-unix_gtkwin.c patch-unix_uxnet.c patch-unix_uxucs.c
patch-windows_window.c
Removed Files:
pkgsrc/security/putty/patches: patch-CVE-2013-4852-1
patch-CVE-2013-4852-2 patch-terminal.c patch-unix_gtkfont_c
Log Message:
update to 0.63
This fixes a buffer overflow which was patched in pkgsrc
(CVE-2013-4852), two other buffer overflows (CVE-2013-4206,
CVE-2013-4207), and it clears private keys after use now
(CVE-2013-4208). Other than that, there are mostly bug fixes from 0.62
and a few small features.
Files: