-
putty (0.62-10ubuntu0.1) raring-security; urgency=low
* CVE-2013-4206: Buffer underrun in modmul could corrupt the heap.
* CVE-2013-4852: Negative string length in public-key signatures could
cause integer overflow and overwrite all of memory (closes: #718779).
* CVE-2013-4207: Non-coprime values in DSA signatures can cause buffer
overflow in modular inverse.
* CVE-2013-4208: Private keys were left in memory after being used by
PuTTY tools.
* Backport some general proactive potentially-security-relevant tightening
from upstream.
-- Colin Watson <email address hidden> Wed, 07 Aug 2013 11:50:45 +0100
-
putty (0.62-10) unstable; urgency=low
* Backport from upstream (Simon Tatham, closes: #701425):
- Check the return values of setuid and friends.
- Remove the half-hearted attempt to make the utmp helper process drop
privileges just before dying of a fatal signal.
-- Colin Watson <email address hidden> Mon, 25 Feb 2013 20:36:40 +0000
-
putty (0.62-9) unstable; urgency=low
* Backport from upstream (Simon Tatham):
- Fix handling of non-default numeric keypad modes when Num Lock is on
(closes: #680261).
-- Colin Watson <email address hidden> Thu, 23 Aug 2012 12:58:52 +0100
