Ubuntu
putty package

lp://staging/ubuntu/utopic-security/putty

Utopic (14.10)
utopic-security

Created by Ubuntu Package Importer on 2015-06-23 and last modified on 2015-06-23

Get this branch:: bzr branch lp://staging/ubuntu/utopic-security/putty

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Mature

Recent revisions

36. By Thomas Ward on 2015-06-22: * SECURITY UPDATE: PuTTY did not properly wipe SSH-2 Private Keys from
  system memory, which can allow local users to obtain sensitive information
  by reading the memory. (LP: #1467631)
  - debian/patches/private-key-not-wiped-2.patch: Add in fix patch from
    Debian 0.63-10 packaging. Thanks to Patrick Coleman for the original
    patch.
  - CVE-2015-2157
35. By Colin Watson on 2014-10-12: * Backport from upstream (Simon Tatham), suggested by Jacob Nevins:
- Fix incorrect handling of saved sessions with a dynamic SOCKS tunnel
bound to a specific protocol (IPv4 or IPv6).
34. By Colin Watson on 2014-08-24: Build with all hardening options. (Thanks to somebody whose e-mail I
unfortunately deleted by mistake and so cannot reply to it ...)
33. By Colin Watson on 2014-08-20: Backport two upstream patches to fix runaway timer explosions (closes:
#758473).
32. By Colin Watson on 2014-04-21: * Backport from upstream (Simon Tatham):
- Fix an annoying timer-handling warning from current versions of GTK.
31. By Colin Watson on 2014-04-08: * Backport from upstream (Simon Tatham):
- Fix assertion failure in Unix PuTTYgen exports (LP: #1289176).
30. By Colin Watson on 2014-03-12: * Use dh-autoreconf, with the aid of a few upstream patches to make things
work with current autotools.
* Backport upstream patch to add some assertions in sshzlib.c, fixing
build with -O3.
29. By Colin Watson on 2014-01-08: * Support parallel builds.
* Switch to git; adjust Vcs-* fields.
28. By Colin Watson on 2013-08-07: * New upstream release.
  - CVE-2013-4206: Buffer underrun in modmul could corrupt the heap.
  - CVE-2013-4852: Negative string length in public-key signatures could
    cause integer overflow and overwrite all of memory (closes: #718779).
  - CVE-2013-4207: Non-coprime values in DSA signatures can cause buffer
    overflow in modular inverse.
  - CVE-2013-4208: Private keys were left in memory after being used by
    PuTTY tools.
  - Allow using a bold colour and a bold font at the same time (closes:
    #193352).
  - Use a monotonic clock (closes: #308552).
* Switch to the Autotools-based build system.
* Upgrade to debhelper v9.
27. By Colin Watson on 2013-06-04: * Backport from upstream (Ben Harris, Simon Tatham):
- Avoid function pointer comparison when using clang.

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp://staging/ubuntu/wily/putty

This branch contains Public information

Everyone can see this information.

Subscribers

Ubuntu branches

Ubuntuputty package