1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3409-1] putty security update

    From Salvatore Bonaccorso@1:229/2 to All on Tue Dec 1 21:50:01 2015
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3409-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 01, 2015 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : putty
    CVE ID : CVE-2015-5309

    A memory-corrupting integer overflow in the handling of the ECH (erase characters) control sequence was discovered in PuTTY's terminal
    emulator. A remote attacker can take advantage of this flaw to mount a
    denial of service or potentially to execute arbitrary code.

    For the oldstable distribution (wheezy), this problem has been fixed
    in version 0.62-9+deb7u3.

    For the stable distribution (jessie), this problem has been fixed in
    version 0.63-10+deb8u1.

    For the testing distribution (stretch), this problem has been fixed
    in version 0.66-1.

    For the unstable distribution (sid), this problem has been fixed in
    version 0.66-1.

    We recommend that you upgrade your putty packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQIcBAEBCgAGBQJWXgVAAAoJEAVMuPMTQ89ExMoP/2nCjJVLuClDWHYbdQF4k0KB d1pjGR4stMEODyawKxZm4DH374YTpcgPi+U+PBMFrZcJBMNQjOEwskKKYXq6utVF 9n/9it4d5OybtXu3BXvzGdyrPeP2vtfvPSNTKc45qbTxi+lSMWxRtZYdlX7jqF+w c2FHq6AduWe+Hb0yCFyyC5C/lOGGp2ZTV8cCHq4FBxF0UjOzWb4FH4MJtDfCUr3C j/KU8CRdqmhT9I2czQNQX/OZGzVLgTV91XxLXJZ/ycrSIB/rqayg5auAY8IKfG1N ZOXPNaDIx7LPg+OkGjNUO7MfAs0MDIh8eY6ECD+L2lZpKHKCPYdkIbF9J0/XayAk BpYjfKWdImd3TiXOXPBIRmNULxNoTfC6Y7fppM0zQ1Y0KxoZKlOJHM8wvdcfubK+ fcS+K3zE6SWvyOiLRW3GK+dqsJWDeUt7hdPzHhhothLlIb2TlVDrpKEYBEZ2FZms Wys53kc9H83QIvRv3hdYu9cV4cvKQp+cxlfkvetnpSealTrPYuZNtayLKmqfobYR C5/pa+x2gX4DKy4VTKqMHdDwzPnA2Wy+R/nw7Qj56TbIVEEnw0iT5QTB4HdOZmGm liMBoNF4VHWjNkNtTtfozkmj8KWF7BwFt+0PpSv2P5SyW6ddUFMsN03gV4s+MHgf ibT4S9zG7LQpVeA8LPzM
    =ohmG
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)