Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  nodelist  faq  login

There is no distinction between any AI program and some existent game.


computers / comp.security.ssh / PuTTY 0.73 is released

SubjectAuthor
o PuTTY 0.73 is releasedSimon Tatham

1
Subject: PuTTY 0.73 is released
From: Simon Tatham
Newsgroups: comp.security.ssh
Date: Sun, 29 Sep 2019 15:19 UTC
Path: i2pn2.org!i2pn.org!paganini.bofh.team!newsfeed.xs3.de!nntp-feed.chiark.greenend.org.uk!ewrotcd!.POSTED!not-for-mail
From: ana...@pobox.com (Simon Tatham)
Newsgroups: comp.security.ssh
Subject: PuTTY 0.73 is released
Date: 29 Sep 2019 16:19:48 +0100 (BST)
Lines: 51
Message-ID: <8Oe*Lldzx@news.chiark.greenend.org.uk>
NNTP-Posting-Host: chiark.greenend.org.uk
X-Trace: chiark.greenend.org.uk 1569770390 4752 212.13.197.229 (29 Sep 2019 15:19:50 GMT)
X-Complaints-To: abuse@chiark.greenend.org.uk
NNTP-Posting-Date: Sun, 29 Sep 2019 15:19:50 +0000 (UTC)
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
Originator: simon@tunnel.thyestes.tartarus.org ([172.31.80.4])
View all headers
PuTTY version 0.73 is released
------------------------------

All the pre-built binaries, and the source code, are now available
from the PuTTY website at

    https://www.chiark.greenend.org.uk/~sgtatham/putty/

This is a SECURITY UPDATE, fixing minor vulnerabilities affecting port
forwarding on Windows; bracketed paste mode in the terminal; and any
use of SSH-1. We recommend that anyone using those features should
update.

Vulnerabilities fixed in this release include:

 - On Windows, the listening sockets used for local port forwarding
   were opened in a mode that did not prevent other processes from
   also listening on the same ports and stealing some of the incoming
   connections.

 - In the PuTTY terminal, bracketed paste mode was broken in 0.72, in
   a way that made the pasted data look like manual keyboard input. So
   any application relying on the bracketing sequences to protect
   against malicious clipboard contents would have been misled.

 - An SSH-1 server could trigger an access to freed memory by sending
   the SSH1_MSG_DISCONNECT message. Not known to be exploitable.

Other bug fixes include:

 - Windows Plink no longer crashes on startup when it tries to tell
   you it's reusing an existing SSH connection.

 - Windows PuTTY now updates its terminal window size correctly if the
   screen resolution changes while it's maximised.

 - If you display the coloured error messages from gcc in the PuTTY
   terminal, there is no longer a missing character if a colour change
   happens exactly at the end of a line.

 - If you use the 'Clear Scrollback' menu option or escape sequence
   while text in the scrollback is selected, it no longer causes an
   assertion failure.

Enjoy using PuTTY!

--
import hashlib; print((lambda p,q,g,y,r,s,m: (lambda w:(pow(g,int(hashlib.sha1(
m.encode('ascii')).hexdigest(),16)*w%q,p)*pow(y,r*w%q,p)%p)%q)(pow(s,q-2,q))==r
and m)(0xb80b5dacabab6145,0xf70027d345023,0x7643bc4018957897,0x11c2e5d9951130c9
,0xa54d9cbe4e8ab,0x746c50eaa1910,      "Simon Tatham <anakin@pobox.com>"     ))


1
rocksolid light 0.7.2
clearneti2ptor