Received: by mail.netbsd.org (Postfix, from userid 605) id D477A84D81; Mon, 29 Jun 2020 11:49:51 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 5DA9484D7A for ; Mon, 29 Jun 2020 11:49:51 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id zgAwEaz6X_kV for ; Mon, 29 Jun 2020 11:49:50 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.netbsd.org [199.233.217.197]) by mail.netbsd.org (Postfix) with ESMTP id B4FED84D5D for ; Mon, 29 Jun 2020 11:49:50 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id 87045FB28; Mon, 29 Jun 2020 11:49:50 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_159343139060230" MIME-Version: 1.0 Date: Mon, 29 Jun 2020 11:49:50 +0000 From: "Ryo ONODERA" Subject: CVS commit: pkgsrc/security/putty To: pkgsrc-changes@NetBSD.org Reply-To: ryoon@netbsd.org X-Mailer: log_accum Message-Id: <20200629114950.87045FB28@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_159343139060230 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: ryoon Date: Mon Jun 29 11:49:50 UTC 2020 Modified Files: pkgsrc/security/putty: Makefile distinfo Removed Files: pkgsrc/security/putty/patches: patch-unix_uxucs.c Log Message: putty: Update to 0.74 Changelog: This release fixes the following security issues: - In some situations an SSH server could cause PuTTY to access freed mdmory by pretending to accept an SSH key and then refusing the actual signature. It can only happen if you're using an SSH agent. - New configuration option to disable PuTTY's default policy of changing its host key algorithm preferences to prefer keys it already knows. (There is a theoretical information leak in this policy.) Other bug fixes include: - Windows installer: the text in the installer UI is now visible in Windows high-contrast mode. (Previously it was white on white by mistake.) - Windows 7: fixed spurious OS out-of-memory error when reading passwords from a Windows console (e.g. psftp). - Terminal crash: the dreaded "line==NULL" error could happen if an application switched between the main and alternate screens while the user was looking at the scrollback. - Terminal crash: the terminal could fail an assertion when sending an empty answerback string, and when pasting text none of whose characters exist in the selected character set. - SSH: fixed endless memory-allocating loop that could be triggered by the combination of a misbehaving SSH agent and PuTTY's bug compatibility mode for padded RSA signatures. - File transfer: when uploading files to some SFTP servers (e.g. the one in proftpd's mod_sftp), PSFTP would consume up to 4GB of local memory before sending anything to the server. - Terminal behaviour: sometimes the cursor was put in the wrong place after restoring from the alternate screen. - GTK: fixed font size calculation when using newer Pango libraries (e.g. the one on Ubuntu 20.04). - GTK: scroll wheel events now work in unusual environments like VNC. To generate a diff of this commit: cvs rdiff -u -r1.61 -r1.62 pkgsrc/security/putty/Makefile cvs rdiff -u -r1.28 -r1.29 pkgsrc/security/putty/distinfo cvs rdiff -u -r1.3 -r0 pkgsrc/security/putty/patches/patch-unix_uxucs.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_159343139060230 Content-Disposition: inline Content-Length: 2158 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/security/putty/Makefile diff -u pkgsrc/security/putty/Makefile:1.61 pkgsrc/security/putty/Makefile:1.62 --- pkgsrc/security/putty/Makefile:1.61 Tue Mar 10 22:10:55 2020 +++ pkgsrc/security/putty/Makefile Mon Jun 29 11:49:50 2020 @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.61 2020/03/10 22:10:55 wiz Exp $ +# $NetBSD: Makefile,v 1.62 2020/06/29 11:49:50 ryoon Exp $ # -DISTNAME= putty-0.73 -PKGREVISION= 2 +DISTNAME= putty-0.74 CATEGORIES= security MASTER_SITES= http://the.earth.li/~sgtatham/putty/${PKGVERSION_NOREV}/ Index: pkgsrc/security/putty/distinfo diff -u pkgsrc/security/putty/distinfo:1.28 pkgsrc/security/putty/distinfo:1.29 --- pkgsrc/security/putty/distinfo:1.28 Thu Dec 19 22:22:33 2019 +++ pkgsrc/security/putty/distinfo Mon Jun 29 11:49:50 2020 @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.28 2019/12/19 22:22:33 joerg Exp $ +$NetBSD: distinfo,v 1.29 2020/06/29 11:49:50 ryoon Exp $ -SHA1 (putty-0.73.tar.gz) = 17daebb82e476adfd578f6934c28f4d2c209b7d8 -RMD160 (putty-0.73.tar.gz) = 9e7c0084464963581bc47ce1b87e25ba51d27743 -SHA512 (putty-0.73.tar.gz) = 4ada4b8c6d68be44afede2676bc661fedfd1ea0b574b8232ad9aaa6f3a48baa9f4f0ded2955b3f2677a14db85a508f53c965cb00fcd7538a1ed9844031f0c5e5 -Size (putty-0.73.tar.gz) = 2459115 bytes +SHA1 (putty-0.74.tar.gz) = 17b160e9720f67f9af9399d7d185b913b81f18fe +RMD160 (putty-0.74.tar.gz) = 0bcc5b606f19379168d19de6f5b764a7c2753bf5 +SHA512 (putty-0.74.tar.gz) = 0da86849ea764cd88643bd2c1984ac7211ae72dd7c41232307b1960a29ca9518044b022d87c60272d6db71a3357026862a112bedb90ee732b41494fca3acde9b +Size (putty-0.74.tar.gz) = 2476513 bytes SHA1 (patch-ldisc.c) = cf31a65f920a3ea9b4a70602e4b2fd4d5df8d3e8 SHA1 (patch-misc.c) = fa1c2db8eb20ceaadb4b57b6aefa57f22d2ae26f SHA1 (patch-terminal.c) = 30d6196e371b5369f9ea69e193662a47dbefaa10 @@ -11,4 +11,3 @@ SHA1 (patch-timing.c) = a6a492fc8b22c58e SHA1 (patch-unix_Makefile.gtk) = 7fe7859ad91afb57ef3ba31194ffd2ef784f638d SHA1 (patch-unix_uxnet.c) = 2d1c2939721993fe5616c2fe3f1935c03a31bb35 SHA1 (patch-unix_uxpgnt.c) = b5625b33b940ea2870d3e91d38e2303a80d6887b -SHA1 (patch-unix_uxucs.c) = 47791025e5375e9e8649ce24bc9efff3c7d29ab4 --_----------=_159343139060230--