diff --git a/0001-Revert-settings.c-allow-load_open_settings-NULL.patch b/0001-Revert-settings.c-allow-load_open_settings-NULL.patch deleted file mode 100644 index 30f93d8..0000000 --- a/0001-Revert-settings.c-allow-load_open_settings-NULL.patch +++ /dev/null @@ -1,78 +0,0 @@ -From 39c20d4819794417e4e84429d1eb5430e3865b25 Mon Sep 17 00:00:00 2001 -From: Simon Tatham -Date: Sat, 13 Apr 2019 18:52:28 +0100 -Subject: [PATCH] Revert "settings.c: allow load_open_settings(NULL)." - -This reverts commit 1b2f39c24bb6591a4192377d9393f5c3e45cb5bd. - -The intention of that commit was to support the development of Uppity, -by arranging that I could get a Conf populated with completely default -values by calling load_open_settings(NULL,conf), with no risk of -interference from the normal PuTTY saved sessions full of client-side -configuration (which would have been confusing to apply unexpectedly -in a server). - -So I arranged that a NULL session handle was never passed to the -low-level read_setting_[type] functions, in case it caused a segfault. -But I overlooked two things. - -Firstly, on Unix, read_setting_* is where we check the tree234 of data -derived from X resources and/or -xrm command-line options. So if you -don't call those functions at all (e.g. if you have no on-disk PuTTY -saved configuration at all, not even Default Settings), you also don't -get your X defaults honoured. - -Secondly, those functions themselves already all checked their -argument for NULL before doing anything dangerous with it. So the -thing I wanted to make possible was already possible _anyway_, without -me having to do anything! - -So I'm exactly reverting that commit, because the _only_ thing it did -was to introduce a bug in X resource handling. ---- - settings.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/settings.c b/settings.c -index 54424f49..2c767a7a 100644 ---- a/settings.c -+++ b/settings.c -@@ -107,7 +107,7 @@ char *get_remote_username(Conf *conf) - - static char *gpps_raw(settings_r *sesskey, const char *name, const char *def) - { -- char *ret = sesskey ? read_setting_s(sesskey, name) : NULL; -+ char *ret = read_setting_s(sesskey, name); - if (!ret) - ret = platform_default_s(name); - if (!ret) -@@ -131,7 +131,7 @@ static void gpps(settings_r *sesskey, const char *name, const char *def, - static void gppfont(settings_r *sesskey, char *name, - Conf *conf, int primary) - { -- FontSpec *result = sesskey ? read_setting_fontspec(sesskey, name) : NULL; -+ FontSpec *result = read_setting_fontspec(sesskey, name); - if (!result) - result = platform_default_fontspec(name); - conf_set_fontspec(conf, primary, result); -@@ -140,7 +140,7 @@ static void gppfont(settings_r *sesskey, char *name, - static void gppfile(settings_r *sesskey, const char *name, - Conf *conf, int primary) - { -- Filename *result = sesskey ? read_setting_filename(sesskey, name) : NULL; -+ Filename *result = read_setting_filename(sesskey, name); - if (!result) - result = platform_default_filename(name); - conf_set_filename(conf, primary, result); -@@ -162,7 +162,7 @@ static void gppb(settings_r *sesskey, const char *name, bool def, - static int gppi_raw(settings_r *sesskey, const char *name, int def) - { - def = platform_default_i(name, def); -- return sesskey ? read_setting_i(sesskey, name, def) : def; -+ return read_setting_i(sesskey, name, def); - } - - static void gppi(settings_r *sesskey, const char *name, int def, --- -2.21.0 - diff --git a/putty-0.71.tar.gz b/putty-0.71.tar.gz deleted file mode 100644 index e743986..0000000 --- a/putty-0.71.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2f931ce2f89780cc8ca7bbed90fcd22c44515d2773f5fa954069e209b48ec6b8 -size 2423752 diff --git a/putty-0.71.tar.gz.gpg b/putty-0.71.tar.gz.gpg deleted file mode 100644 index bd259bb..0000000 Binary files a/putty-0.71.tar.gz.gpg and /dev/null differ diff --git a/putty-0.72.tar.gz b/putty-0.72.tar.gz new file mode 100644 index 0000000..5faef57 --- /dev/null +++ b/putty-0.72.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f236b5a26b0905809b3cd190158e8b95d81f86ad34fdd97a4312c1877f2cec5f +size 2449516 diff --git a/putty-0.72.tar.gz.gpg b/putty-0.72.tar.gz.gpg new file mode 100644 index 0000000..f786938 Binary files /dev/null and b/putty-0.72.tar.gz.gpg differ diff --git a/putty-03-config.diff b/putty-03-config.diff index 65334a3..cabf394 100644 --- a/putty-03-config.diff +++ b/putty-03-config.diff @@ -10,10 +10,10 @@ windows/windefs.c | 2 +- 3 files changed, 35 insertions(+), 22 deletions(-) -Index: putty-0.71/settings.c +Index: putty-0.72/settings.c =================================================================== ---- putty-0.71.orig/settings.c -+++ putty-0.71/settings.c +--- putty-0.72.orig/settings.c ++++ putty-0.72/settings.c @@ -17,8 +17,8 @@ static const struct keyvalwhere ciphernames[] = { { "aes", CIPHER_AES, -1, -1 }, @@ -24,7 +24,7 @@ Index: putty-0.71/settings.c { "des", CIPHER_DES, -1, -1 }, { "blowfish", CIPHER_BLOWFISH, -1, -1 }, { "arcfour", CIPHER_ARCFOUR, -1, -1 }, -@@ -843,7 +843,7 @@ void load_open_settings(settings_r *sess +@@ -847,7 +847,7 @@ void load_open_settings(settings_r *sess } gppb(sesskey, "TCPNoDelay", true, conf, CONF_tcp_nodelay); gppb(sesskey, "TCPKeepalives", false, conf, CONF_tcp_keepalives); @@ -33,7 +33,7 @@ Index: putty-0.71/settings.c gpps(sesskey, "TerminalSpeed", "38400,38400", conf, CONF_termspeed); if (gppmap(sesskey, "TerminalModes", conf, CONF_ttymodes)) { /* -@@ -1021,10 +1021,10 @@ void load_open_settings(settings_r *sess +@@ -1029,10 +1029,10 @@ void load_open_settings(settings_r *sess gppb(sesskey, "PassiveTelnet", false, conf, CONF_passive_telnet); gppb(sesskey, "BackspaceIsDelete", true, conf, CONF_bksp_is_delete); gppb(sesskey, "RXVTHomeEnd", false, conf, CONF_rxvt_homeend); @@ -46,7 +46,7 @@ Index: putty-0.71/settings.c gppb(sesskey, "NoRemoteResize", false, conf, CONF_no_remote_resize); gppb(sesskey, "NoAltScreen", false, conf, CONF_no_alt_screen); gppb(sesskey, "NoRemoteWinTitle", false, conf, CONF_no_remote_wintitle); -@@ -1046,9 +1046,9 @@ void load_open_settings(settings_r *sess +@@ -1054,9 +1054,9 @@ void load_open_settings(settings_r *sess gppb(sesskey, "ApplicationKeypad", false, conf, CONF_app_keypad); gppb(sesskey, "NetHackKeypad", false, conf, CONF_nethack_keypad); gppb(sesskey, "AltF4", true, conf, CONF_alt_f4); @@ -58,7 +58,7 @@ Index: putty-0.71/settings.c gppb(sesskey, "CtrlAltKeys", true, conf, CONF_ctrlaltkeys); #ifdef OSX_META_KEY_CONFIG gppb(sesskey, "OSXOptionMeta", true, conf, CONF_osx_option_meta); -@@ -1060,12 +1060,12 @@ void load_open_settings(settings_r *sess +@@ -1068,12 +1068,12 @@ void load_open_settings(settings_r *sess gppi(sesskey, "LocalEdit", AUTO, conf, CONF_localedit); gpps(sesskey, "Answerback", "PuTTY", conf, CONF_answerback); gppb(sesskey, "AlwaysOnTop", false, conf, CONF_alwaysontop); @@ -73,10 +73,10 @@ Index: putty-0.71/settings.c gppb(sesskey, "BlinkCur", false, conf, CONF_blink_cur); /* pedantic compiler tells me I can't use conf, CONF_beep as an int * :-) */ gppi(sesskey, "Beep", 1, conf, CONF_beep); -@@ -1100,10 +1100,10 @@ void load_open_settings(settings_r *sess +@@ -1108,10 +1108,10 @@ void load_open_settings(settings_r *sess gppb(sesskey, "CRImpliesLF", false, conf, CONF_crhaslf); - gppb(sesskey, "DisableArabicShaping", false, conf, CONF_arabicshaping); - gppb(sesskey, "DisableBidi", false, conf, CONF_bidi); + gppb(sesskey, "DisableArabicShaping", false, conf, CONF_no_arabicshaping); + gppb(sesskey, "DisableBidi", false, conf, CONF_no_bidi); - gppb(sesskey, "WinNameAlways", true, conf, CONF_win_name_always); + gppb(sesskey, "WinNameAlways", false, conf, CONF_win_name_always); gpps(sesskey, "WinTitle", "", conf, CONF_wintitle); @@ -86,7 +86,7 @@ Index: putty-0.71/settings.c gppfont(sesskey, "Font", conf, CONF_font); gppi(sesskey, "FontQuality", FQ_DEFAULT, conf, CONF_font_quality); gppi(sesskey, "FontVTMode", VT_UNICODE, conf, CONF_vtmode); -@@ -1116,11 +1116,28 @@ void load_open_settings(settings_r *sess +@@ -1124,11 +1124,28 @@ void load_open_settings(settings_r *sess for (i = 0; i < 22; i++) { static const char *const defaults[] = { @@ -120,7 +120,7 @@ Index: putty-0.71/settings.c }; char buf[20], *buf2; int c0, c1, c2; -@@ -1178,7 +1195,7 @@ void load_open_settings(settings_r *sess +@@ -1186,7 +1203,7 @@ void load_open_settings(settings_r *sess * The empty default for LineCodePage will be converted later * into a plausible default for the locale. */ @@ -129,11 +129,11 @@ Index: putty-0.71/settings.c gppb(sesskey, "CJKAmbigWide", false, conf, CONF_cjk_ambig_wide); gppb(sesskey, "UTF8Override", true, conf, CONF_utf8_override); gpps(sesskey, "Printer", "", conf, CONF_printer); -Index: putty-0.71/unix/unix.h +Index: putty-0.72/unix/unix.h =================================================================== ---- putty-0.71.orig/unix/unix.h -+++ putty-0.71/unix/unix.h -@@ -399,11 +399,7 @@ Socket *make_fd_socket(int infd, int out +--- putty-0.72.orig/unix/unix.h ++++ putty-0.72/unix/unix.h +@@ -400,11 +400,7 @@ Socket *make_fd_socket(int infd, int out /* * Default font setting, which can vary depending on NOT_X_WINDOWS. */ @@ -146,10 +146,10 @@ Index: putty-0.71/unix/unix.h /* * uxpty.c. -Index: putty-0.71/windows/windefs.c +Index: putty-0.72/windows/windefs.c =================================================================== ---- putty-0.71.orig/windows/windefs.c -+++ putty-0.71/windows/windefs.c +--- putty-0.72.orig/windows/windefs.c ++++ putty-0.72/windows/windefs.c @@ -9,7 +9,7 @@ FontSpec *platform_default_fontspec(const char *name) { diff --git a/putty.changes b/putty.changes index fa14d78..d3db045 100644 --- a/putty.changes +++ b/putty.changes @@ -1,3 +1,18 @@ +------------------------------------------------------------------- +Mon Aug 12 15:24:18 UTC 2019 - Jan Engelhardt + +- Update to new upstream release 0.72 [boo#1144547, boo#1144548] + * Fixed two separate vulnerabilities affecting the obsolete + SSH-1 protocol, both available before host key checking. + * Fixed a vulnerability in all the SSH client tools (PuTTY, + Plink, PSFTP and PSCP) if a malicious program can impersonate + Pageant. + * Fixed a crash in GSSAPI / Kerberos key exchange triggered if + the server provided an ordinary SSH host key as part of the + exchange. +- Drop 0001-Revert-settings.c-allow-load_open_settings-NULL.patch + (merged) + ------------------------------------------------------------------- Wed Apr 24 07:24:56 UTC 2019 - Jan Engelhardt diff --git a/putty.spec b/putty.spec index 825d439..d9e8e56 100644 --- a/putty.spec +++ b/putty.spec @@ -17,7 +17,7 @@ Name: putty -Version: 0.71 +Version: 0.72 Release: 0 Summary: SSH client with optional GTK-based terminal emulator frontend License: MIT @@ -31,7 +31,6 @@ Source2: http://the.earth.li/~sgtatham/putty/latest/%name-%version.tar.gz Source4: %name.keyring Patch1: putty-03-config.diff Patch2: reproducible.patch -Patch3: 0001-Revert-settings.c-allow-load_open_settings-NULL.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: ImageMagick BuildRequires: gtk3-devel