pool/putty
SHA256
2
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
64387e0635
putty/putty.changes

347 lines
15 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

-------------------------------------------------------------------
Sun Oct 30 19:54:34 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
- Update to release 0.78
* Support for OpenSSH certificates, for both user
authentication keys and host keys.
* New SSH proxy modes, for running a custom shell command or
subsystem on the proxy server instead of forwarding a port
through it.
* New plugin system to allow a helper program to provide
responses in keyboard-interactive authentication, intended to
automate one-time password systems.
* Support for NTRU Prime post-quantum key exchange,
* Support for AES-GCM (in the OpenSSH style rather than
RFC 5647).
* Support for more forms of Diffie-Hellman key exchange: new
larger integer groups (such as group16 and group18), and
support for using those and ECDH with GSSAPI.
* Bug fix: server-controlled window title setting now works
again even if the character set is ISO 8859 (or a few other
affected single-byte character sets).
* Bug fix: certain forms of OSC escape sequences (sent by some
real servers) could cause PuTTY to crash.
* Bug fix: the -pwfile/-pw options no longer affect local key
passphrase prompts, and no longer suppress Plink's
anti-spoofing measures.
-------------------------------------------------------------------
Sat May 28 19:42:12 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
- Update to release 0.77
* Major improvements to network proxy support:
* Support for interactively prompting the user if the proxy
server requires authentication.
* Built-in support for proxying via another SSH server, so that
PuTTY will SSH to the proxy and then automatically forward a
port through it to the destination host. (Similar to running
plink -nc as a subprocess, but more convenient to set up, and
allows you to answer interactive prompts presented by the
proxy.)
* Support for HTTP Digest authentication, when talking to HTTP
proxies.
* New configuration options for keyboard handling:
* Option to control handling of Shift + arrow keys
* Extra mode in the function-keys option, for modern xterm
(v216 and above).
* Crypto update: added side-channel resistance in probabilistic
RSA key generation.
* Crypto update: retired the use of short Diffie-Hellman
exponents.
-------------------------------------------------------------------
Sun Jul 18 22:20:49 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
- Update to release 0.76
* New option to abandon an SSH connection if the server allows
you to authenticate in a trivial manner.
* Bug fix: server colour-palette reconfigurations were
sometimes lost.
-------------------------------------------------------------------
Mon May 10 12:02:38 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
- Update to release 0.75
* Upgraded default SSH key fingerprint format to OpenSSH-style
SHA-256.
* Upgraded private key file format to PPK3, with improved
passphrase hashing and no use of SHA-1.
* Terminal now supports ESC [ 9 m for strikethrough text.
* New protocols: bare ssh-connection layer for use over
already-secure IPC channels, and SUPDUP for talking to very
old systems such as PDP-10s.
* PuTTYgen now supports alternative provable-prime generation
algorithm for RSA and DSA.
* The Unix tools can now connect directly to a Unix-domain
socket.
-------------------------------------------------------------------
Sun Jun 28 11:02:18 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
- Update to release 0.74
* Fixed a possible vulnerability [boo#1173442]
* Added a new configuration option to mitigate a minor
information leak in SSH host key policy.
- Remove empty %post/%postun (says rpmlint)
-------------------------------------------------------------------
Tue Oct 1 07:43:23 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Update to release 0.73
* In bracketed paste mode, the terminal escape sequences that
should delimit the pasted data were appearing together on one
side of it, making it possible to misidentify pasted data as
manual keyboard input. [CVE-2019-17068, boo#1152753]
* An SSH-1 server sending a disconnection message could cause
an access to freed memory. [CVE-2019-17069]
* Tweaked terminal handling to prevent lost characters at the
ends of lines in gcc's colored error messages.
* Removed a bad interaction between the "clear scrollback"
operation and mouse selection that could give rise to the
dreaded "line==NULL" assertion box.
-------------------------------------------------------------------
Mon Aug 12 15:24:18 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Update to new upstream release 0.72 [boo#1144547, boo#1144548]
* Fixed two separate vulnerabilities affecting the obsolete
SSH-1 protocol, both available before host key checking.
* Fixed a vulnerability in all the SSH client tools (PuTTY,
Plink, PSFTP and PSCP) if a malicious program can impersonate
Pageant.
* Fixed a crash in GSSAPI / Kerberos key exchange triggered if
the server provided an ordinary SSH host key as part of the
exchange.
- Drop 0001-Revert-settings.c-allow-load_open_settings-NULL.patch
(merged)
-------------------------------------------------------------------
Wed Apr 24 07:24:56 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Reenable Xresources / remove -DNOT_X_WINDOWS [boo#1133181],
the crash under Wayland appears gone.
- Add 0001-Revert-settings.c-allow-load_open_settings-NULL.patch
[boo#1133181]
-------------------------------------------------------------------
Mon Mar 18 17:57:39 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Unbreak the Leap 42.3 build of putty.
- Update package descriptions.
-------------------------------------------------------------------
Sun Mar 17 11:28:14 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Update to new upstream release 0.71 [boo#1129633]
* Fixed a remotely triggerable memory overwrite in RSA key
exchange, which can occur before host key verification
potential recycling of random numbers used in cryptography.
* Fixed a remotely triggerable buffer overflow in any kind of
server-to-client forwarding.
* Fixed multiple denial-of-service attacks that can be triggered
by writing to the terminal.
* Major rewrite of the crypto code to remove cache and timing
side channels.
-------------------------------------------------------------------
Thu Jun 7 03:56:51 UTC 2018 - jnwang@suse.com
- Turn on -DNOT_X_WINDOWS, for Wayland system.
Fixes a crash occurring in libX11 when running under
Wayland [boo#1098962].
-------------------------------------------------------------------
Sat Mar 3 16:13:59 UTC 2018 - jengelh@inai.de
- Turn off -Werror.
-------------------------------------------------------------------
Thu Dec 14 18:31:53 UTC 2017 - jengelh@inai.de
- Update python BuildRequire to python-base
-------------------------------------------------------------------
Thu Dec 14 11:21:17 UTC 2017 - jengelh@inai.de
- Add missing python BuildRequire (for mkicon.py)
-------------------------------------------------------------------
Tue Jul 11 22:22:08 UTC 2017 - jengelh@inai.de
- Update to new upstream release 0.70
* Update Unicode data to version 9
- Remove gtk-buildfix.diff (merged upstream)
-------------------------------------------------------------------
Tue May 2 13:07:52 UTC 2017 - bwiedemann@suse.com
- Add reproducible.patch to use convert -strip to not have timestamps
in png files to make build fully reproducible
-------------------------------------------------------------------
Tue May 2 12:11:41 UTC 2017 - idonmez@suse.com
- Update to new upstream release 0.69
* You can now explicitly configure SSH terminal mode settings
not to be sent to the server, if your server objects to them.
- Switch to gtk+3 interface, add gtk-buildfix.diff.
-------------------------------------------------------------------
Wed Mar 15 08:26:13 UTC 2017 - jengelh@inai.de
- Update to new upstream release 0.68
* resolve integer overflow in the ssh_agent_channel_data
[CVE-2017-6542, boo#1029256]
- Drop reproducible.patch, no longer applies
-------------------------------------------------------------------
Tue Mar 8 18:35:39 UTC 2016 - bwiedemann@suse.com
- Add reproducible.patch to fix build-compare
-------------------------------------------------------------------
Tue Mar 8 16:43:24 UTC 2016 - jengelh@inai.de
- Update to new upstream release 0.67
* resolved a security issue with the PSCP protocol implementation
-------------------------------------------------------------------
Mon Nov 9 08:47:47 UTC 2015 - jengelh@inai.de
- Update to new upstream release 0.66
* Resolve integer overflow, buffer underrun in terminal emulator's
ECH handling. [CVE-2015-5309, bnc#954191]
* Resolve format string vulnerabilities
-------------------------------------------------------------------
Mon Jul 27 12:16:00 UTC 2015 - jengelh@inai.de
- Update to new upstream release 0.65
* Cryptography speedup on 64-bit Unix platforms by using gcc and
clang's __uint128_t built-in type.
* Bug fix: PSFTP now returns a failure exit status if a command
fails in a batch-mode script.
* Bug fix: ESC [ 13 t can no longer elicit an invalid escape
sequence as a response.
-------------------------------------------------------------------
Wed May 13 13:21:36 UTC 2015 - aj@ajaissle.de
- Build icons and add a .desktop file for putty
-------------------------------------------------------------------
Mon Mar 2 10:19:15 UTC 2015 - jengelh@inai.de
- Update to new upstream release 0.64
* Security fix: PuTTY no longer retains the private half of users'
keys in memory by mistake after authenticating with them.
[bnc#920167] (CVE-2015-2157)
* Support for SSH connection sharing, so that multiple instances of
PuTTY to the same host can share a single SSH connection instead
of all having to log in independently.
* Bug fix: IPv6 literals are handled sensibly throughout the suite,
if you enclose them in square brackets to prevent the colons
being mistaken for a :port suffix.
- Remove 0001-Revert-the-default-for-font-bolding-style.patch
(merged upstream), putty-04-nodate.diff (no longer needed).
-------------------------------------------------------------------
Tue Sep 23 15:43:40 UTC 2014 - jengelh@inai.de
- Drop gpg-offline build-time requirement; this is now handled by
the local source validator
-------------------------------------------------------------------
Wed Aug 7 09:28:25 UTC 2013 - jengelh@inai.de
- Add 0001-Revert-the-default-for-font-bolding-style.patch
(upstream patch fixing a cosmetic change introduced in 0.63)
- Add Conflict tag against pssh package (Parallel SSH) due to
conflicting files in /usr/bin
-------------------------------------------------------------------
Tue Aug 6 19:47:43 UTC 2013 - jengelh@inai.de
- Do signature verification
-------------------------------------------------------------------
Tue Aug 6 19:09:06 UTC 2013 - andreas.stieger@gmx.de
- update to 0.63
* Security fix: prevent a nefarious SSH server or network attacker
from crashing PuTTY at startup in three different ways by
presenting a maliciously constructed public key and signature.
[bnc#833567] CVE-2013-4852
* Security fix: PuTTY no longer retains the private half of users'
keys in memory by mistake after authenticating with them.
* Revamped the internal configuration storage system to remove all
fixed arbitrary limits on string lengths. In particular, there
should now no longer be an unreasonably small limit on the number
of port forwardings PuTTY can store.
* Forwarded TCP connections which close one direction before the
other should now be reliably supported, with EOF propagated
independently in the two directions. This also fixes some instances
of forwarding data corruption (if the corruption consisted of
losing data from the very end of the connection) and some instances
of PuTTY failing to close when the session is over (because it
wrongly thought a forwarding channel was still active when it was
not).
* The terminal emulation now supports xterm's bracketed paste mode
(allowing aware applications to tell the difference between typed
and pasted text, so that e.g. editors need not apply inappropriate
auto-indent).
* You can now choose to display bold text by both brightening the
foreground colour and changing the font, not just one or the other.
* PuTTYgen will now never generate a 2047-bit key when asked for 2048
(or more generally n1 bits when asked for n).
* Some updates to default settings: PuTTYgen now generates 2048-bit
keys by default (rather than 1024), and PuTTY defaults to UTF-8
encoding and 2000 lines of scrollback (rather than ISO 8859-1 and
200).
* Unix: PSCP and PSFTP now preserve the Unix file permissions, on
copies in both directions.
* Unix: dead keys and compose-character sequences are now supported.
* Unix: PuTTY and pterm now permit font fallback (where glyphs not
present in your selected font are automatically filled in from other
fonts on the system) even if you are using a server-side X11 font
rather than a Pango client-side one.
* Bug fixes too numerous to list, mostly resulting from running the
code through Coverity Scan which spotted an assortment of memory
and resource leaks, logic errors, and crashes in various circumstances.
- packaging changes:
* run make from base directory
* run tests
* remove putty-01-werror.diff (currently not needed)
* remove putty-02-remove-gtk1.diff, putty-05-glib-deprecated.diff,
putty-06-gtk2-indivhdr.diff (no longer needed)
* refresh putty-03-config.diff
* remove autoconf calls and requirements
* package HTML documentation
* package LICENCE file
-------------------------------------------------------------------
Sun Dec 11 14:04:30 UTC 2011 - andreas.stieger@gmx.de
- update to upstream 0.62:
* Security fix: PuTTY no longer retains passwords in memory by
mistake.
* Bug fix: Pageant now talks to both new-style clients (0.61 and
above) and old-style (0.60 and below).
* Bug fix: PuTTY no longer prints a spurious "Access denied"
message when GSSAPI authentication fails.
* Bug fix: PSCP and PSFTP now honour nonstandard port numbers in
SSH saved sessions.
* Bug fix: Pageant no longer leaks a file handle when an
authentication fails.
* Bug fix: PuTTYtel no longer crashes when saving a session.
* Bug fix: PuTTY now draws underlines under the underlined text
instead of sometimes putting them somewhere off to the right.
* Bug fix: PuTTY now should not draw VT100 line drawing characters
at the wrong vertical offset.
- fix SLE build
-------------------------------------------------------------------
Tue Jul 26 23:25:28 UTC 2011 - jengelh@medozas.de
- Initial package for build.opensuse.org
Reference in New Issue View Git Blame Copy Permalink