mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-20 20:09:11 +00:00
Update PuTTY to new upstream security and bug fix release 0.62,
and add a new VuXML entry. Changelog: http://lists.tartarus.org/pipermail/putty-announce/2011/000017.html Security: bbd5f486-24f1-11e1-95bc-080027ef73ec Feature safe: yes
This commit is contained in:
parent
89cd36ea3e
commit
1450d5bdf8
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=287272
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
PORTNAME= putty
|
||||
PORTVERSION= 0.61
|
||||
PORTVERSION= 0.62
|
||||
CATEGORIES= security ipv6
|
||||
MASTER_SITES= http://the.earth.li/~sgtatham/putty/%SUBDIR%/ \
|
||||
ftp://ftp.chiark.greenend.org.uk/users/sgtatham/putty-latest/
|
||||
@ -45,7 +45,7 @@ MAKE_ARGS+= GTK_CONFIG=:
|
||||
.if !defined(WITHOUT_GSSAPI)
|
||||
_COMPAT= -DSTATIC_GSSAPI
|
||||
.if ${OSVERSION} >= 900000
|
||||
LIB_DEPENDS= krb5support.0:${PORTSDIR}/security/krb5
|
||||
LIB_DEPENDS+= krb5support.0:${PORTSDIR}/security/krb5
|
||||
.endif
|
||||
.else
|
||||
_COMPAT= -DNO_GSSAPI
|
||||
|
@ -1,2 +1,2 @@
|
||||
SHA256 (putty-0.61.tar.gz) = 0eb0ec2dcbaf803731343cd6cd03788f16781dc19f806c612e373430daf8c072
|
||||
SIZE (putty-0.61.tar.gz) = 1781830
|
||||
SHA256 (putty-0.62.tar.gz) = 8d187e86ee18c839895d263607b61788778564e3720e8d85c5305a04f9da0573
|
||||
SIZE (putty-0.62.tar.gz) = 1783106
|
||||
|
@ -47,6 +47,38 @@ Note: Please add new entries to the beginning of this file.
|
||||
|
||||
-->
|
||||
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
|
||||
<vuln vid="bbd5f486-24f1-11e1-95bc-080027ef73ec">
|
||||
<topic>PuTTY 0.59 - 0.61 -- Password vulnerability</topic>
|
||||
<affects>
|
||||
<package>
|
||||
<name>putty</name>
|
||||
<range><ge>0.59</ge><lt>0.62</lt></range>
|
||||
</package>
|
||||
</affects>
|
||||
<description>
|
||||
<body xmlns="http://www.w3.org/1999/xhtml">
|
||||
<p>Simon Tatham reports:</p>
|
||||
<blockquote
|
||||
cite="http://lists.tartarus.org/pipermail/putty-announce/2011/000017.html">
|
||||
<p>PuTTY 0.62 fixes a security issue present in 0.59, 0.60 and 0.61.
|
||||
If you log in using SSH-2 keyboard-interactive authentication (which
|
||||
is the usual method used by modern servers to request a password),
|
||||
the password you type was accidentally kept in PuTTY's memory for
|
||||
the rest of its run, where it could be retrieved by other processes
|
||||
reading PuTTY's memory, or written out to swap files or crash
|
||||
dumps.</p>
|
||||
</blockquote>
|
||||
</body>
|
||||
</description>
|
||||
<references>
|
||||
<mlist>http://lists.tartarus.org/pipermail/putty-announce/2011/000017.html</mlist>
|
||||
</references>
|
||||
<dates>
|
||||
<discovery>2011-12-10</discovery>
|
||||
<entry>2011-12-12</entry>
|
||||
</dates>
|
||||
</vuln>
|
||||
|
||||
<vuln vid="bb389137-21fb-11e1-89b4-001ec9578670">
|
||||
<topic>asterisk -- Multiple Vulnerabilities</topic>
|
||||
<affects>
|
||||
|
Loading…
Reference in New Issue
Block a user