From e7a0ea1fd501cdf822ee109a3ab1209c69e6be8c16e0e99ef2037d0c40d0458e Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Thu, 5 Dec 2024 00:44:57 +0000 Subject: [PATCH] [info=d7ed53507ff853b8361cb405482095a3139510faa05937931f7cd8116c2c4021] OBS-URL: https://build.opensuse.org/package/show/X11:Utilities/putty?expand=0&rev=83 --- .gitattributes | 23 +++ .gitignore | 1 + _scmsync.obsinfo | 4 + build.specials.obscpio | 3 + putty-0.81.tar.gz | 3 + putty-0.81.tar.gz.gpg | Bin 0 -> 438 bytes putty-03-config.diff | 163 ++++++++++++++++++ putty.changes | 373 +++++++++++++++++++++++++++++++++++++++++ putty.keyring | 16 ++ putty.spec | 96 +++++++++++ reproducible.patch | 18 ++ 11 files changed, 700 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 _scmsync.obsinfo create mode 100644 build.specials.obscpio create mode 100644 putty-0.81.tar.gz create mode 100644 putty-0.81.tar.gz.gpg create mode 100644 putty-03-config.diff create mode 100644 putty.changes create mode 100644 putty.keyring create mode 100644 putty.spec create mode 100644 reproducible.patch diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/_scmsync.obsinfo b/_scmsync.obsinfo new file mode 100644 index 0000000..f0f1f90 --- /dev/null +++ b/_scmsync.obsinfo @@ -0,0 +1,4 @@ +mtime: 1713290655 +commit: d7ed53507ff853b8361cb405482095a3139510faa05937931f7cd8116c2c4021 +url: https://src.opensuse.org/jengelh/putty +revision: master diff --git a/build.specials.obscpio b/build.specials.obscpio new file mode 100644 index 0000000..73a18cb --- /dev/null +++ b/build.specials.obscpio @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ae52e03595663574cac5bbf078f0d2be6ecce4c24afae5912abb6fe3fe47453f +size 256 diff --git a/putty-0.81.tar.gz b/putty-0.81.tar.gz new file mode 100644 index 0000000..d52719c --- /dev/null +++ b/putty-0.81.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:cb8b00a94f453494e345a3df281d7a3ed26bb0dd7e36264f145206f8857639fe +size 2844616 diff --git a/putty-0.81.tar.gz.gpg b/putty-0.81.tar.gz.gpg new file mode 100644 index 0000000000000000000000000000000000000000000000000000000000000000..03276d11928ae94f7bfbd2f51ab2f98d51322e04942451b3c5b441989846a87f GIT binary patch literal 438 zcmV;n0ZIOe0kZ@E0SEvc79j-m61qC058MuSwBv^vlhPZ?(W-X^0%jd_i~tG=5E+xw z8_LnDcQ4Ki0I^~!?KZL+Qqe1`A?ms>>d$3__S7BdLg zzaf}#DrCKCP3_BsX;>~y^FSjm@qvyvOBJnNw6pnkQvv`d=;$+&E}1}DL9_j05RpnI ztj|-RM(AnaZ#Qt8!P1CvJ`NEx29eF4K?z-yrEI(oj!_JWTjvez&CzA~BUy-*@PUB` zO(}#%9xN}!{UZAB*(Z0`p>v^B1n;*=3g=&ht`Dw@B==}=Dmficw%CK{y7PELV%3}Z zl2jR@;m>F*C{%jOFk34Cf2Oia(w9Brb}UeA2(0aI{*Lx literal 0 HcmV?d00001 diff --git a/putty-03-config.diff b/putty-03-config.diff new file mode 100644 index 0000000..c6644c9 --- /dev/null +++ b/putty-03-config.diff @@ -0,0 +1,163 @@ + +* Put 3DES off as insecure. +* Always use "linux" terminal type. This resolves some + strange key combos. +* Set standard colors and use a more legilible font size. + +--- + settings.c | 49 +++++++++++++++++++++++++++++++---------------- + unix/platform.h | 6 ----- + windows/utils/defaults.c | 2 - + 3 files changed, 35 insertions(+), 22 deletions(-) + +Index: putty-0.78/settings.c +=================================================================== +--- putty-0.78.orig/settings.c ++++ putty-0.78/settings.c +@@ -18,8 +18,8 @@ static const struct keyvalwhere cipherna + { "aes", CIPHER_AES, -1, -1 }, + { "chacha20", CIPHER_CHACHA20, CIPHER_AES, +1 }, + { "aesgcm", CIPHER_AESGCM, CIPHER_CHACHA20, +1 }, +- { "3des", CIPHER_3DES, -1, -1 }, + { "WARN", CIPHER_WARN, -1, -1 }, ++ { "3des", CIPHER_3DES, -1, -1 }, + { "des", CIPHER_DES, -1, -1 }, + { "blowfish", CIPHER_BLOWFISH, -1, -1 }, + { "arcfour", CIPHER_ARCFOUR, -1, -1 }, +@@ -878,7 +878,7 @@ void load_open_settings(settings_r *sess + } + gppb(sesskey, "TCPNoDelay", true, conf, CONF_tcp_nodelay); + gppb(sesskey, "TCPKeepalives", false, conf, CONF_tcp_keepalives); +- gpps(sesskey, "TerminalType", "xterm", conf, CONF_termtype); ++ gpps(sesskey, "TerminalType", "linux", conf, CONF_termtype); + gpps(sesskey, "TerminalSpeed", "38400,38400", conf, CONF_termspeed); + if (gppmap(sesskey, "TerminalModes", conf, CONF_ttymodes)) { + /* +@@ -1064,12 +1064,12 @@ void load_open_settings(settings_r *sess + gppb(sesskey, "PassiveTelnet", false, conf, CONF_passive_telnet); + gppb(sesskey, "BackspaceIsDelete", true, conf, CONF_bksp_is_delete); + gppb(sesskey, "RXVTHomeEnd", false, conf, CONF_rxvt_homeend); +- gppi(sesskey, "LinuxFunctionKeys", 0, conf, CONF_funky_type); ++ gppi(sesskey, "LinuxFunctionKeys", true, conf, CONF_funky_type); + gppi(sesskey, "ShiftedArrowKeys", SHARROW_APPLICATION, conf, + CONF_sharrow_type); + gppb(sesskey, "NoApplicationKeys", false, conf, CONF_no_applic_k); + gppb(sesskey, "NoApplicationCursors", false, conf, CONF_no_applic_c); +- gppb(sesskey, "NoMouseReporting", false, conf, CONF_no_mouse_rep); ++ gppb(sesskey, "NoMouseReporting", true, conf, CONF_no_mouse_rep); + gppb(sesskey, "NoRemoteResize", false, conf, CONF_no_remote_resize); + gppb(sesskey, "NoAltScreen", false, conf, CONF_no_alt_screen); + gppb(sesskey, "NoRemoteWinTitle", false, conf, CONF_no_remote_wintitle); +@@ -1091,9 +1091,9 @@ void load_open_settings(settings_r *sess + gppb(sesskey, "ApplicationKeypad", false, conf, CONF_app_keypad); + gppb(sesskey, "NetHackKeypad", false, conf, CONF_nethack_keypad); + gppb(sesskey, "AltF4", true, conf, CONF_alt_f4); +- gppb(sesskey, "AltSpace", false, conf, CONF_alt_space); ++ gppb(sesskey, "AltSpace", true, conf, CONF_alt_space); + gppb(sesskey, "AltOnly", false, conf, CONF_alt_only); +- gppb(sesskey, "ComposeKey", false, conf, CONF_compose_key); ++ gppb(sesskey, "ComposeKey", true, conf, CONF_compose_key); + gppb(sesskey, "CtrlAltKeys", true, conf, CONF_ctrlaltkeys); + #ifdef OSX_META_KEY_CONFIG + gppb(sesskey, "OSXOptionMeta", true, conf, CONF_osx_option_meta); +@@ -1105,12 +1105,12 @@ void load_open_settings(settings_r *sess + gppi(sesskey, "LocalEdit", AUTO, conf, CONF_localedit); + gpps(sesskey, "Answerback", "PuTTY", conf, CONF_answerback); + gppb(sesskey, "AlwaysOnTop", false, conf, CONF_alwaysontop); +- gppb(sesskey, "FullScreenOnAltEnter", false, ++ gppb(sesskey, "FullScreenOnAltEnter", true, + conf, CONF_fullscreenonaltenter); + gppb(sesskey, "HideMousePtr", false, conf, CONF_hide_mouseptr); + gppb(sesskey, "SunkenEdge", false, conf, CONF_sunken_edge); + gppi(sesskey, "WindowBorder", 1, conf, CONF_window_border); +- gppi(sesskey, "CurType", 0, conf, CONF_cursor_type); ++ gppi(sesskey, "CurType", 1, conf, CONF_cursor_type); + gppb(sesskey, "BlinkCur", false, conf, CONF_blink_cur); + /* pedantic compiler tells me I can't use conf, CONF_beep as an int * :-) */ + gppi(sesskey, "Beep", 1, conf, CONF_beep); +@@ -1145,10 +1145,10 @@ void load_open_settings(settings_r *sess + gppb(sesskey, "CRImpliesLF", false, conf, CONF_crhaslf); + gppb(sesskey, "DisableArabicShaping", false, conf, CONF_no_arabicshaping); + gppb(sesskey, "DisableBidi", false, conf, CONF_no_bidi); +- gppb(sesskey, "WinNameAlways", true, conf, CONF_win_name_always); ++ gppb(sesskey, "WinNameAlways", false, conf, CONF_win_name_always); + gpps(sesskey, "WinTitle", "", conf, CONF_wintitle); + gppi(sesskey, "TermWidth", 80, conf, CONF_width); +- gppi(sesskey, "TermHeight", 24, conf, CONF_height); ++ gppi(sesskey, "TermHeight", 25, conf, CONF_height); + gppfont(sesskey, "Font", conf, CONF_font); + gppi(sesskey, "FontQuality", FQ_DEFAULT, conf, CONF_font_quality); + gppi(sesskey, "FontVTMode", VT_UNICODE, conf, CONF_vtmode); +@@ -1161,11 +1161,28 @@ void load_open_settings(settings_r *sess + + for (i = 0; i < 22; i++) { + static const char *const defaults[] = { +- "187,187,187", "255,255,255", "0,0,0", "85,85,85", "0,0,0", +- "0,255,0", "0,0,0", "85,85,85", "187,0,0", "255,85,85", +- "0,187,0", "85,255,85", "187,187,0", "255,255,85", "0,0,187", +- "85,85,255", "187,0,187", "255,85,255", "0,187,187", +- "85,255,255", "187,187,187", "255,255,255" ++ "170,170,170", /* default foreground */ ++ "255,255,255", /* default bold foreground */ ++ "0,0,0", /* default background */ ++ "85,85,85", /* default bold background */ ++ "0,0,0", /* cursor text */ ++ "192,192,224", /* cursor color */ ++ "0,0,0", /* black */ ++ "85,85,85", /* black bold */ ++ "170,0,0", /* red */ ++ "255,0,0", /* red bold */ ++ "0,170,0", /* green */ ++ "0,255,0", /* green bold */ ++ "170,85,0", /* brown */ ++ "255,255,0", /* yellow bold */ ++ "0,0,170", /* blue */ ++ "0,0,255", /* blue bold */ ++ "170,0,170", /* magenta */ ++ "255,0,255", /* magenta bold */ ++ "0,170,170", /* cyan */ ++ "0,255,255", /* cyan bold */ ++ "170,170,170", /* white */ ++ "255,255,255", /* white bold */ + }; + char buf[20], *buf2; + int c0, c1, c2; +@@ -1223,7 +1240,7 @@ void load_open_settings(settings_r *sess + * The empty default for LineCodePage will be converted later + * into a plausible default for the locale. + */ +- gpps(sesskey, "LineCodePage", "", conf, CONF_line_codepage); ++ gpps(sesskey, "LineCodePage", "UTF-8", conf, CONF_line_codepage); + gppb(sesskey, "CJKAmbigWide", false, conf, CONF_cjk_ambig_wide); + gppb(sesskey, "UTF8Override", true, conf, CONF_utf8_override); + gpps(sesskey, "Printer", "", conf, CONF_printer); +Index: putty-0.78/unix/platform.h +=================================================================== +--- putty-0.78.orig/unix/platform.h ++++ putty-0.78/unix/platform.h +@@ -394,11 +394,7 @@ void fd_socket_set_psb_prefix(Socket *s, + /* + * Default font setting, which can vary depending on NOT_X_WINDOWS. + */ +-#ifdef NOT_X_WINDOWS +-#define DEFAULT_GTK_FONT "client:Monospace 12" +-#else +-#define DEFAULT_GTK_FONT "server:fixed" +-#endif ++#define DEFAULT_GTK_FONT "client:Monospace 16" + + /* + * pty.c. +Index: putty-0.78/windows/utils/defaults.c +=================================================================== +--- putty-0.78.orig/windows/utils/defaults.c ++++ putty-0.78/windows/utils/defaults.c +@@ -9,7 +9,7 @@ + FontSpec *platform_default_fontspec(const char *name) + { + if (!strcmp(name, "Font")) +- return fontspec_new("Courier New", false, 10, ANSI_CHARSET); ++ return fontspec_new("Consolas", false, 16, ANSI_CHARSET); + else + return fontspec_new("", false, 0, 0); + } diff --git a/putty.changes b/putty.changes new file mode 100644 index 0000000..b691715 --- /dev/null +++ b/putty.changes @@ -0,0 +1,373 @@ +------------------------------------------------------------------- +Mon Apr 15 20:04:57 UTC 2024 - Jan Engelhardt + +- Update to release 0.81 + * Fix CVE-2024-31497: NIST P521 / ecdsa-sha2-nistp521 + signatures are no longer generated with biased values of k. + The previous bias compromises private keys. + +------------------------------------------------------------------- +Mon Dec 18 21:52:22 UTC 2023 - Jan Engelhardt + +- Update to release 0.80 + * Fix CVE-2023-48795 [boo#1218128] + +------------------------------------------------------------------- +Sun Aug 27 10:27:17 UTC 2023 - Jan Engelhardt + +- Update to release 0.79 + * Terminal mouse tracking: support for mouse movements which are + not drags, and support for horizontal scroll events (e.g. + generated by trackpads). + * Fixed: PuTTY could fail an assertion if a resize control + sequence was sent by the server while the window was docked to + one half of the screen in KDE. + * Fixed: PuTTY could fail an assertion if you tried to change the + font size while the window was maximised. + +------------------------------------------------------------------- +Sun Oct 30 19:54:34 UTC 2022 - Jan Engelhardt + +- Update to release 0.78 + * Support for OpenSSH certificates, for both user + authentication keys and host keys. + * New SSH proxy modes, for running a custom shell command or + subsystem on the proxy server instead of forwarding a port + through it. + * New plugin system to allow a helper program to provide + responses in keyboard-interactive authentication, intended to + automate one-time password systems. + * Support for NTRU Prime post-quantum key exchange, + * Support for AES-GCM (in the OpenSSH style rather than + RFC 5647). + * Support for more forms of Diffie-Hellman key exchange: new + larger integer groups (such as group16 and group18), and + support for using those and ECDH with GSSAPI. + * Bug fix: server-controlled window title setting now works + again even if the character set is ISO 8859 (or a few other + affected single-byte character sets). + * Bug fix: certain forms of OSC escape sequences (sent by some + real servers) could cause PuTTY to crash. + * Bug fix: the -pwfile/-pw options no longer affect local key + passphrase prompts, and no longer suppress Plink's + anti-spoofing measures. + +------------------------------------------------------------------- +Sat May 28 19:42:12 UTC 2022 - Jan Engelhardt + +- Update to release 0.77 + * Major improvements to network proxy support: + * Support for interactively prompting the user if the proxy + server requires authentication. + * Built-in support for proxying via another SSH server, so that + PuTTY will SSH to the proxy and then automatically forward a + port through it to the destination host. (Similar to running + plink -nc as a subprocess, but more convenient to set up, and + allows you to answer interactive prompts presented by the + proxy.) + * Support for HTTP Digest authentication, when talking to HTTP + proxies. + * New configuration options for keyboard handling: + * Option to control handling of Shift + arrow keys + * Extra mode in the function-keys option, for modern xterm + (v216 and above). + * Crypto update: added side-channel resistance in probabilistic + RSA key generation. + * Crypto update: retired the use of short Diffie-Hellman + exponents. + +------------------------------------------------------------------- +Sun Jul 18 22:20:49 UTC 2021 - Jan Engelhardt + +- Update to release 0.76 + * New option to abandon an SSH connection if the server allows + you to authenticate in a trivial manner. + * Bug fix: server colour-palette reconfigurations were + sometimes lost. + +------------------------------------------------------------------- +Mon May 10 12:02:38 UTC 2021 - Jan Engelhardt + +- Update to release 0.75 + * Upgraded default SSH key fingerprint format to OpenSSH-style + SHA-256. + * Upgraded private key file format to PPK3, with improved + passphrase hashing and no use of SHA-1. + * Terminal now supports ESC [ 9 m for strikethrough text. + * New protocols: bare ssh-connection layer for use over + already-secure IPC channels, and SUPDUP for talking to very + old systems such as PDP-10s. + * PuTTYgen now supports alternative provable-prime generation + algorithm for RSA and DSA. + * The Unix tools can now connect directly to a Unix-domain + socket. + +------------------------------------------------------------------- +Sun Jun 28 11:02:18 UTC 2020 - Jan Engelhardt + +- Update to release 0.74 + * Fixed a possible vulnerability [boo#1173442] + * Added a new configuration option to mitigate a minor + information leak in SSH host key policy. +- Remove empty %post/%postun (says rpmlint) + +------------------------------------------------------------------- +Tue Oct 1 07:43:23 UTC 2019 - Jan Engelhardt + +- Update to release 0.73 + * In bracketed paste mode, the terminal escape sequences that + should delimit the pasted data were appearing together on one + side of it, making it possible to misidentify pasted data as + manual keyboard input. [CVE-2019-17068, boo#1152753] + * An SSH-1 server sending a disconnection message could cause + an access to freed memory. [CVE-2019-17069] + * Tweaked terminal handling to prevent lost characters at the + ends of lines in gcc's colored error messages. + * Removed a bad interaction between the "clear scrollback" + operation and mouse selection that could give rise to the + dreaded "line==NULL" assertion box. + +------------------------------------------------------------------- +Mon Aug 12 15:24:18 UTC 2019 - Jan Engelhardt + +- Update to new upstream release 0.72 [boo#1144547, boo#1144548] + * Fixed two separate vulnerabilities affecting the obsolete + SSH-1 protocol, both available before host key checking. + * Fixed a vulnerability in all the SSH client tools (PuTTY, + Plink, PSFTP and PSCP) if a malicious program can impersonate + Pageant. + * Fixed a crash in GSSAPI / Kerberos key exchange triggered if + the server provided an ordinary SSH host key as part of the + exchange. +- Drop 0001-Revert-settings.c-allow-load_open_settings-NULL.patch + (merged) + +------------------------------------------------------------------- +Wed Apr 24 07:24:56 UTC 2019 - Jan Engelhardt + +- Reenable Xresources / remove -DNOT_X_WINDOWS [boo#1133181], + the crash under Wayland appears gone. +- Add 0001-Revert-settings.c-allow-load_open_settings-NULL.patch + [boo#1133181] + +------------------------------------------------------------------- +Mon Mar 18 17:57:39 UTC 2019 - Jan Engelhardt + +- Unbreak the Leap 42.3 build of putty. +- Update package descriptions. + +------------------------------------------------------------------- +Sun Mar 17 11:28:14 UTC 2019 - Jan Engelhardt + +- Update to new upstream release 0.71 [boo#1129633] + * Fixed a remotely triggerable memory overwrite in RSA key + exchange, which can occur before host key verification + potential recycling of random numbers used in cryptography. + * Fixed a remotely triggerable buffer overflow in any kind of + server-to-client forwarding. + * Fixed multiple denial-of-service attacks that can be triggered + by writing to the terminal. + * Major rewrite of the crypto code to remove cache and timing + side channels. + +------------------------------------------------------------------- +Thu Jun 7 03:56:51 UTC 2018 - jnwang@suse.com + +- Turn on -DNOT_X_WINDOWS, for Wayland system. + Fixes a crash occurring in libX11 when running under + Wayland [boo#1098962]. + +------------------------------------------------------------------- +Sat Mar 3 16:13:59 UTC 2018 - jengelh@inai.de + +- Turn off -Werror. + +------------------------------------------------------------------- +Thu Dec 14 18:31:53 UTC 2017 - jengelh@inai.de + +- Update python BuildRequire to python-base + +------------------------------------------------------------------- +Thu Dec 14 11:21:17 UTC 2017 - jengelh@inai.de + +- Add missing python BuildRequire (for mkicon.py) + +------------------------------------------------------------------- +Tue Jul 11 22:22:08 UTC 2017 - jengelh@inai.de + +- Update to new upstream release 0.70 + * Update Unicode data to version 9 +- Remove gtk-buildfix.diff (merged upstream) + +------------------------------------------------------------------- +Tue May 2 13:07:52 UTC 2017 - bwiedemann@suse.com + +- Add reproducible.patch to use convert -strip to not have timestamps + in png files to make build fully reproducible + +------------------------------------------------------------------- +Tue May 2 12:11:41 UTC 2017 - idonmez@suse.com + +- Update to new upstream release 0.69 + * You can now explicitly configure SSH terminal mode settings + not to be sent to the server, if your server objects to them. +- Switch to gtk+3 interface, add gtk-buildfix.diff. + +------------------------------------------------------------------- +Wed Mar 15 08:26:13 UTC 2017 - jengelh@inai.de + +- Update to new upstream release 0.68 + * resolve integer overflow in the ssh_agent_channel_data + [CVE-2017-6542, boo#1029256] +- Drop reproducible.patch, no longer applies + +------------------------------------------------------------------- +Tue Mar 8 18:35:39 UTC 2016 - bwiedemann@suse.com + +- Add reproducible.patch to fix build-compare + +------------------------------------------------------------------- +Tue Mar 8 16:43:24 UTC 2016 - jengelh@inai.de + +- Update to new upstream release 0.67 +* resolved a security issue with the PSCP protocol implementation + +------------------------------------------------------------------- +Mon Nov 9 08:47:47 UTC 2015 - jengelh@inai.de + +- Update to new upstream release 0.66 +* Resolve integer overflow, buffer underrun in terminal emulator's + ECH handling. [CVE-2015-5309, bnc#954191] +* Resolve format string vulnerabilities + +------------------------------------------------------------------- +Mon Jul 27 12:16:00 UTC 2015 - jengelh@inai.de + +- Update to new upstream release 0.65 +* Cryptography speedup on 64-bit Unix platforms by using gcc and + clang's __uint128_t built-in type. +* Bug fix: PSFTP now returns a failure exit status if a command + fails in a batch-mode script. +* Bug fix: ESC [ 13 t can no longer elicit an invalid escape + sequence as a response. + +------------------------------------------------------------------- +Wed May 13 13:21:36 UTC 2015 - aj@ajaissle.de + +- Build icons and add a .desktop file for putty + +------------------------------------------------------------------- +Mon Mar 2 10:19:15 UTC 2015 - jengelh@inai.de + +- Update to new upstream release 0.64 +* Security fix: PuTTY no longer retains the private half of users' + keys in memory by mistake after authenticating with them. + [bnc#920167] (CVE-2015-2157) +* Support for SSH connection sharing, so that multiple instances of + PuTTY to the same host can share a single SSH connection instead + of all having to log in independently. +* Bug fix: IPv6 literals are handled sensibly throughout the suite, + if you enclose them in square brackets to prevent the colons + being mistaken for a :port suffix. +- Remove 0001-Revert-the-default-for-font-bolding-style.patch + (merged upstream), putty-04-nodate.diff (no longer needed). + +------------------------------------------------------------------- +Tue Sep 23 15:43:40 UTC 2014 - jengelh@inai.de + +- Drop gpg-offline build-time requirement; this is now handled by + the local source validator + +------------------------------------------------------------------- +Wed Aug 7 09:28:25 UTC 2013 - jengelh@inai.de + +- Add 0001-Revert-the-default-for-font-bolding-style.patch + (upstream patch fixing a cosmetic change introduced in 0.63) +- Add Conflict tag against pssh package (Parallel SSH) due to + conflicting files in /usr/bin + +------------------------------------------------------------------- +Tue Aug 6 19:47:43 UTC 2013 - jengelh@inai.de + +- Do signature verification + +------------------------------------------------------------------- +Tue Aug 6 19:09:06 UTC 2013 - andreas.stieger@gmx.de + +- update to 0.63 + * Security fix: prevent a nefarious SSH server or network attacker + from crashing PuTTY at startup in three different ways by + presenting a maliciously constructed public key and signature. + [bnc#833567] CVE-2013-4852 + * Security fix: PuTTY no longer retains the private half of users' + keys in memory by mistake after authenticating with them. + * Revamped the internal configuration storage system to remove all + fixed arbitrary limits on string lengths. In particular, there + should now no longer be an unreasonably small limit on the number + of port forwardings PuTTY can store. + * Forwarded TCP connections which close one direction before the + other should now be reliably supported, with EOF propagated + independently in the two directions. This also fixes some instances + of forwarding data corruption (if the corruption consisted of + losing data from the very end of the connection) and some instances + of PuTTY failing to close when the session is over (because it + wrongly thought a forwarding channel was still active when it was + not). + * The terminal emulation now supports xterm's bracketed paste mode + (allowing aware applications to tell the difference between typed + and pasted text, so that e.g. editors need not apply inappropriate + auto-indent). + * You can now choose to display bold text by both brightening the + foreground colour and changing the font, not just one or the other. + * PuTTYgen will now never generate a 2047-bit key when asked for 2048 + (or more generally n−1 bits when asked for n). + * Some updates to default settings: PuTTYgen now generates 2048-bit + keys by default (rather than 1024), and PuTTY defaults to UTF-8 + encoding and 2000 lines of scrollback (rather than ISO 8859-1 and + 200). + * Unix: PSCP and PSFTP now preserve the Unix file permissions, on + copies in both directions. + * Unix: dead keys and compose-character sequences are now supported. + * Unix: PuTTY and pterm now permit font fallback (where glyphs not + present in your selected font are automatically filled in from other + fonts on the system) even if you are using a server-side X11 font + rather than a Pango client-side one. + * Bug fixes too numerous to list, mostly resulting from running the + code through Coverity Scan which spotted an assortment of memory + and resource leaks, logic errors, and crashes in various circumstances. +- packaging changes: + * run make from base directory + * run tests + * remove putty-01-werror.diff (currently not needed) + * remove putty-02-remove-gtk1.diff, putty-05-glib-deprecated.diff, + putty-06-gtk2-indivhdr.diff (no longer needed) + * refresh putty-03-config.diff + * remove autoconf calls and requirements + * package HTML documentation + * package LICENCE file + +------------------------------------------------------------------- +Sun Dec 11 14:04:30 UTC 2011 - andreas.stieger@gmx.de + +- update to upstream 0.62: +* Security fix: PuTTY no longer retains passwords in memory by + mistake. +* Bug fix: Pageant now talks to both new-style clients (0.61 and + above) and old-style (0.60 and below). +* Bug fix: PuTTY no longer prints a spurious "Access denied" + message when GSSAPI authentication fails. +* Bug fix: PSCP and PSFTP now honour nonstandard port numbers in + SSH saved sessions. +* Bug fix: Pageant no longer leaks a file handle when an + authentication fails. +* Bug fix: PuTTYtel no longer crashes when saving a session. +* Bug fix: PuTTY now draws underlines under the underlined text + instead of sometimes putting them somewhere off to the right. +* Bug fix: PuTTY now should not draw VT100 line drawing characters + at the wrong vertical offset. +- fix SLE build + +------------------------------------------------------------------- +Tue Jul 26 23:25:28 UTC 2011 - jengelh@medozas.de + +- Initial package for build.opensuse.org diff --git a/putty.keyring b/putty.keyring new file mode 100644 index 0000000..577e05b --- /dev/null +++ b/putty.keyring @@ -0,0 +1,16 @@ +pub 1024R/B41CAE29 2000-12-20 +uid PuTTY Releases (RSA) + +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v2.0.19 (GNU/Linux) + +mQCNAzpA2ZYAAAEEAKxRyqIqZxKktdbrPo/OUj/4ij+yNIC8oBTVNgt3+NcAgFKI +lPxjRKkrNFMrmXPaKRLp8/TS5Z46nSgG44d58G/5clu7IVge2YlCpvoIfo3ute2U +UbBvXCJFVK5ePhNzQX8nGibmejxo8wF5CShyifhmoyfd96cf9u85zMC0HK4pAAUR +tDRQdVRUWSBSZWxlYXNlcyAoUlNBKSA8cHV0dHktYnVnc0BsaXN0cy50YXJ0YXJ1 +cy5vcmc+iQCVAwUQOkDZlu85zMC0HK4pAQG7XQP6AlJiPCmN7PMz92LhqNbK4B1Y +WtNCcDKz1wZZow2OrQW79SZ+I6RqWC/z/1YKIgYY30aE2UtY9OMUYlQ+I08rsYC4 +hNxNY4JvyyP9AT7wiJlpvdWtD590Z5DYwdSTeZg8w0N3NvCJ6m3ivFHiEZuJcZjd +cfPQziUxGjQi6HzG+sc= +=18Fm +-----END PGP PUBLIC KEY BLOCK----- diff --git a/putty.spec b/putty.spec new file mode 100644 index 0000000..0287568 --- /dev/null +++ b/putty.spec @@ -0,0 +1,96 @@ +# +# spec file for package putty +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: putty +Version: 0.81 +Release: 0 +Summary: SSH client with optional GTK-based terminal emulator frontend +License: MIT +Group: System/X11/Utilities +URL: http://www.chiark.greenend.org.uk/~sgtatham/putty/ + +#Git-Web: http://tartarus.org/~simon-git/gitweb/?p=putty.git +#Git-Clone: git://git.tartarus.org/simon/putty +Source: http://the.earth.li/~sgtatham/putty/latest/%name-%version.tar.gz +Source2: http://the.earth.li/~sgtatham/putty/latest/%name-%version.tar.gz.gpg +Source4: %name.keyring +Patch1: putty-03-config.diff +Patch2: reproducible.patch +BuildRequires: ImageMagick +BuildRequires: cmake +BuildRequires: gtk3-devel +BuildRequires: krb5-devel +BuildRequires: python3-base +BuildRequires: update-desktop-files +Conflicts: pssh + +%description +PuTTY is a suite of terminal emulator application and client for +serial consoles, raw TCP connections, and the computing protocols +SSH, Telnet and rlogin. + +The "pterm" program is just the graphical terminal emulator similar +to xterm, "plink" is just the (console-based) SSH client similar to +openssh, and "putty" is the program that combines both in one. + +%prep +%autosetup -p1 + +%build +make -C icons cicons pngs +# +# from defs.h: """PuTTY is a security project, so assertions are +# important""" (-DNDEBUG injected by optflags not allowed) +# +%cmake -DCMAKE_C_FLAGS:STRING="%optflags -UNDEBUG" +%cmake_build + +%install +%cmake_install +b="%buildroot" +mkdir -p "$b/%_datadir/applications/" +cat >"$b/%_datadir/applications/%name.desktop" <<-EOF + [Desktop Entry] + Name=PuTTY SSH Client + GenericName=PuTTY + Comment=Connect to an SSH server with PuTTY + Exec=putty + Icon=putty + Terminal=false + Type=Application + Categories=GTK;Network;RemoteAccess; +EOF + +%suse_update_desktop_file -n %name + +mkdir -p "$b/%_datadir/pixmaps/" +install -m644 icons/xpmpterm.c "$b/%_datadir/pixmaps/pterm.xpm" +install -m644 icons/xpmputty.c "$b/%_datadir/pixmaps/putty.xpm" +install -m644 icons/pterm-32.png "$b/%_datadir/pixmaps/pterm.png" +install -m644 icons/putty-32.png "$b/%_datadir/pixmaps/putty.png" + +%files +%license LICENCE +%doc doc/*.but +%_mandir/man*/* +%_bindir/* +%_datadir/applications/%name.desktop +%_datadir/pixmaps/*.png +%_datadir/pixmaps/*.xpm + +%changelog diff --git a/reproducible.patch b/reproducible.patch new file mode 100644 index 0000000..9d1c52f --- /dev/null +++ b/reproducible.patch @@ -0,0 +1,18 @@ +From: Bernhard Wiedemann +Date: Tue, 8 Mar 2016 19:39:47 +# PATCH-FIX-UPSTREAM + +Drop build timestamps from png. +Index: putty-0.68/icons/Makefile +=================================================================== +--- putty-0.68.orig/icons/Makefile ++++ putty-0.68/icons/Makefile +@@ -38,7 +38,7 @@ $(PAMS): %.pam: mkicon.py + ./mkicon.py $(MODE) $(join $(subst -, ,$(basename $@)),_icon) $@ + + $(PNGS) $(MONOPNGS) $(TRUEPNGS): %.png: %.pam +- convert $< $@ ++ convert -strip $< $@ + + $(MONOPAMS): %.pam: mkicon.py + ./mkicon.py -2 $(MODE) $(join $(subst -, ,$(subst -mono,,$(basename $@))),_icon) $@