-
putty (0.62-9ubuntu0.1) quantal-security; urgency=low
* CVE-2013-4206: Buffer underrun in modmul could corrupt the heap.
* CVE-2013-4852: Negative string length in public-key signatures could
cause integer overflow and overwrite all of memory (closes: #718779).
* CVE-2013-4207: Non-coprime values in DSA signatures can cause buffer
overflow in modular inverse.
* CVE-2013-4208: Private keys were left in memory after being used by
PuTTY tools.
* Backport some general proactive potentially-security-relevant tightening
from upstream.
-- Colin Watson <email address hidden> Wed, 07 Aug 2013 11:48:47 +0100
-
putty (0.62-9) unstable; urgency=low
* Backport from upstream (Simon Tatham):
- Fix handling of non-default numeric keypad modes when Num Lock is on
(closes: #680261).
-- Colin Watson <email address hidden> Thu, 23 Aug 2012 12:58:52 +0100
-
putty (0.62-8) unstable; urgency=low
* Backport from upstream (Simon Tatham):
- Support dead keys and compose sequences (closes: #221786, #250464).
-- Colin Watson <email address hidden> Fri, 22 Jun 2012 15:18:51 +0100
-
putty (0.62-7) unstable; urgency=low
* Add System category to pterm.desktop (closes: #678126).
* Use dpkg-buildflags to enable hardening options.
-- Colin Watson <email address hidden> Tue, 19 Jun 2012 13:28:15 +0100
-
putty (0.62-6) unstable; urgency=low
* Backport from upstream (Simon Tatham, Jacob Nevins):
- Generate keys more carefully, so that when the user asks for an n-bit
key they always get an n-bit number instead of n-1. The latter was
perfectly harmless but kept confusing users (closes: #661152).
-- Colin Watson <email address hidden> Sun, 04 Mar 2012 16:09:28 +0000
