./security/putty, Free implementation of Telnet and SSH for Win32 and Unix platforms

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 0.82, Package name: putty-0.82, Maintainer: pkgsrc-users

PuTTY is a client program for the SSH, Telnet and Rlogin network protocols.

These protocols are all used to run a remote session on a computer, over a
network. PuTTY implements the client end of that session: the end at which
the session is displayed, rather than the end at which it runs.


Required to run:
[x11/gtk3]

Required to build:
[pkgtools/x11-links] [x11/xcb-proto] [x11/fixesproto4] [pkgtools/cwrappers] [x11/xorgproto]

Package options: inet6

Master sites:

Filesize: 2875.145 KB

Version history: (Expand)

CVS history: (Expand)


   2024-12-12 16:29:09 by Ryo ONODERA | Files touched by this commit (3) | Package updated
Log message:
security/putty: Update to 0.82

Changelog:
These features are new in 0.82 (released 2024-11-27):

  * Major refactoring of Unicode handling to allow the use of 'foreign' Unicode
    characters, i.e. outside the system's configured default character set /
    code page. Not yet complete, but the following things work:
      + Windows console: usernames and passwords entered interactively into
        PSCP, PSFTP and Plink can use foreign characters.
      + Windows command line: usernames, remote commands, and filenames entered
        via command-line options can use foreign characters.
      + PuTTY's own terminal (on Windows and Unix): even if it's not configured
        into UTF-8 mode for the main session, interactive usernames and
        passwords can use foreign characters.
  * Unicode version update: all character analysis is updated to Unicode
    16.0.0.
  * Unicode terminal rendering: national and regional flags are now understood
    by PuTTY's terminal emulator. (However, correct display of those flags will
    depend on fonts and operating system.)
  * The Event Log mentions the local address and port number of the outgoing
    connection socket.
  * Bracketed paste mode can now be turned off in the Terminal > Features
    panel.
  * Unix Pageant: new --foreground mode for running as a subprocess.
  * Bug fix: the 'border width' configuration option is now honoured even when
    the window is maximised.
  * Bug fix: SHA-2 based RSA signatures are now sent with correct zero padding.
  * Bug fix: terminal wrap mishandling caused occasional incorrect redraws in
    curses-based applications.
  * Bug fix: Alt + function key in "Xterm 216+" mode sent a spurious extra
    escape character.
   2024-11-17 08:17:06 by Thomas Klausner | Files touched by this commit (944) 
Log message:
*: recursive bump for default-on option of at-spi2-core
   2024-10-10 21:44:33 by Nia Alarie | Files touched by this commit (1) 
Log message:
putty: Make sure extensions mode is enabled for SunOS (sigprocmask)
   2024-04-15 23:55:23 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
putty: update to 0.81.

PuTTY 0.81, released today, fixes a critical vulnerability
CVE-2024-31497 in the use of 521-bit ECDSA keys (ecdsa-sha2-nistp521).
If you have used a 521-bit ECDSA private key with any previous
version of PuTTY, consider the private key compromised: remove the
public key from authorized_keys files, and generate a new key pair.

However, this only affects that one algorithm and key size. No
other size of ECDSA key is affected, and no other key type is
affected.
   2024-04-07 09:35:33 by Thomas Klausner | Files touched by this commit (1138) 
Log message:
*: bump for cairo buildlink3.mk change

lzo was made an option
   2024-04-06 10:07:18 by Thomas Klausner | Files touched by this commit (1490) 
Log message:
* recursive bump for libxkbcommon 1.7.0

Marc Baudoin reported problems with using old binary packages
with the new libkxbcommon, so force everything to 1.7.0
   2023-12-18 16:57:00 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
putty: update to 0.80.

PuTTY version 0.80 is released
------------------------------

This is a SECURITY UPDATE. We recommend that _everybody_ upgrade, as
soon as possible.

There is one security fix in this release:

 - Fix for a newly discovered security issue known as the 'Terrapin'
   attack, also numbered CVE-2023-48795. The issue affects widely-used
   OpenSSH extensions to the SSH protocol: the ChaCha20+Poly1305
   cipher system, and 'encrypt-then-MAC' mode.

   In order to benefit from the fix, you must be using a fixed version
   of PuTTY _and_ a server with the fix, so that they can agree to
   adopt a modified version of the protocol. Alternatively, you may be
   able to reconfigure PuTTY to avoid selecting any of the affected
   modes.

   If PuTTY 0.80 connects to an SSH server without the fix, it will
   warn you if the initial protocol negotiation chooses an insecure
   mode to run the connection in, so that you can abandon the
   connection. If it's possible to alter PuTTY's configuration to
   avoid the problem, then the warning message will tell you how to do
   it.

As well as this security fix, there are two other ordinary bug fixes
in 0.80:

 - On Windows, if you installed the MSI package, PuTTY could not find
   its help file. The help file was installed, but PuTTY wouldn't be
   able to open it, so the help buttons in its dialog boxes were
   missing.

 - Sometimes, if you were looking at the terminal scrollback, the view
   position would be reset to the bottom of the scrollback unwantedly,
   if the server sent terminal output that didn't actually cause
   anything to be printed.
   2023-11-14 15:03:25 by Thomas Klausner | Files touched by this commit (1145) 
Log message:
*: recursive bump for cairo dependency changes