putty: update to 0.80. PuTTY version 0.80 is released ------------------------------ This is a SECURITY UPDATE. We recommend that _everybody_ upgrade, as soon as possible. There is one security fix in this release: - Fix for a newly discovered security issue known as the 'Terrapin' attack, also numbered CVE-2023-48795. The issue affects widely-used OpenSSH extensions to the SSH protocol: the ChaCha20+Poly1305 cipher system, and 'encrypt-then-MAC' mode. In order to benefit from the fix, you must be using a fixed version of PuTTY _and_ a server with the fix, so that they can agree to adopt a modified version of the protocol. Alternatively, you may be able to reconfigure PuTTY to avoid selecting any of the affected modes. If PuTTY 0.80 connects to an SSH server without the fix, it will warn you if the initial protocol negotiation chooses an insecure mode to run the connection in, so that you can abandon the connection. If it's possible to alter PuTTY's configuration to avoid the problem, then the warning message will tell you how to do it. As well as this security fix, there are two other ordinary bug fixes in 0.80: - On Windows, if you installed the MSI package, PuTTY could not find its help file. The help file was installed, but PuTTY wouldn't be able to open it, so the help buttons in its dialog boxes were missing. - Sometimes, if you were looking at the terminal scrollback, the view position would be reset to the bottom of the scrollback unwantedly, if the server sent terminal output that didn't actually cause anything to be printed.diff -r1.80 -r1.81 pkgsrc/security/putty/Makefile
(wiz)
@@ -1,47 +1,45 @@ | @@ -1,47 +1,45 @@ | |||
1 | # $NetBSD: Makefile,v 1.80 2023/11/14 14:02:49 wiz Exp $ | 1 | # $NetBSD: Makefile,v 1.81 2023/12/18 15:57:00 wiz Exp $ | |
2 | # | |||
3 | 2 | |||
4 | DISTNAME= putty-0.79 | 3 | DISTNAME= putty-0.80 | |
5 | PKGREVISION= 2 | |||
6 | CATEGORIES= security | 4 | CATEGORIES= security | |
7 | MASTER_SITES= http://the.earth.li/~sgtatham/putty/${PKGVERSION_NOREV}/ | 5 | MASTER_SITES= http://the.earth.li/~sgtatham/putty/${PKGVERSION_NOREV}/ | |
8 | 6 | |||
9 | MAINTAINER= pkgsrc-users@NetBSD.org | 7 | MAINTAINER= pkgsrc-users@NetBSD.org | |
10 | HOMEPAGE= https://www.chiark.greenend.org.uk/~sgtatham/putty/ | 8 | HOMEPAGE= https://www.chiark.greenend.org.uk/~sgtatham/putty/ | |
11 | COMMENT= Free implementation of Telnet and SSH for Win32 and Unix platforms | 9 | COMMENT= Free implementation of Telnet and SSH for Win32 and Unix platforms | |
12 | LICENSE= mit | 10 | LICENSE= mit | |
13 | 11 | |||
14 | USE_CMAKE= yes | 12 | USE_CMAKE= yes | |
15 | USE_TOOLS+= perl pkg-config | 13 | USE_TOOLS+= perl pkg-config | |
16 | 14 | |||
17 | # error: 'for' loop initial declarations are only allowed in C99 mode | 15 | # error: 'for' loop initial declarations are only allowed in C99 mode | |
18 | FORCE_C_STD= c99 | 16 | FORCE_C_STD= c99 | |
19 | 17 | |||
20 | #INSTALLATION_DIRS= bin ${PKGMANDIR}/man1 | 18 | #INSTALLATION_DIRS= bin ${PKGMANDIR}/man1 | |
21 | 19 | |||
22 | .include "options.mk" | 20 | .include "options.mk" | |
23 | 21 | |||
24 | .if !empty(OPSYS:M*BSD) || ${OPSYS} == "DragonFly" || ${OPSYS} == "Darwin" | 22 | .if ${OPSYS:M*BSD} || ${OPSYS} == "DragonFly" || ${OPSYS} == "Darwin" | |
25 | CFLAGS+= -DOMIT_UTMP | 23 | CFLAGS+= -DOMIT_UTMP | |
26 | .endif | 24 | .endif | |
27 | 25 | |||
28 | # Unix98 ptys were added some time ago in NetBSD -current, | 26 | # Unix98 ptys were added some time ago in NetBSD -current, | |
29 | # so use it if we have the device, otherwise use the old style. | 27 | # so use it if we have the device, otherwise use the old style. | |
30 | .if !exists(/dev/ptmx) | 28 | .if !exists(/dev/ptmx) | |
31 | CFLAGS+= -DBSD_PTYS | 29 | CFLAGS+= -DBSD_PTYS | |
32 | .endif | 30 | .endif | |
33 | 31 | |||
34 | LDFLAGS.SunOS+= -lsocket -lnsl | 32 | LDFLAGS.SunOS+= -lsocket -lnsl | |
35 | CFLAGS.SunOS+= -DBSD_COMP | 33 | CFLAGS.SunOS+= -DBSD_COMP | |
36 | CFLAGS.Darwin+= -DHAVE_FUTIMES -DHAVE_NO_SETRESUID | 34 | CFLAGS.Darwin+= -DHAVE_FUTIMES -DHAVE_NO_SETRESUID | |
37 | CFLAGS.NetBSD+= -DHAVE_FUTIMES -DHAVE_NO_SETRESUID | 35 | CFLAGS.NetBSD+= -DHAVE_FUTIMES -DHAVE_NO_SETRESUID | |
38 | CFLAGS.Linux+= -DHAVE_FUTIMES -DHAVE_NO_SETRESUID | 36 | CFLAGS.Linux+= -DHAVE_FUTIMES -DHAVE_NO_SETRESUID | |
39 | LDFLAGS.Linux+= -ldl | 37 | LDFLAGS.Linux+= -ldl | |
40 | 38 | |||
41 | .include "../../x11/gtk3/buildlink3.mk" | 39 | .include "../../x11/gtk3/buildlink3.mk" | |
42 | .if !empty(PKG_BUILD_OPTIONS.gtk3:Mquartz) | 40 | .if ${PKG_BUILD_OPTIONS.gtk3:Mquartz} | |
43 | BUILDLINK_TRANSFORM+= rm:-lX11 rm:-lXext | 41 | BUILDLINK_TRANSFORM+= rm:-lX11 rm:-lXext | |
44 | CFLAGS+= -DOSX_GTK | 42 | CFLAGS+= -DOSX_GTK | |
45 | .endif | 43 | .endif | |
46 | .include "../../mk/dlopen.buildlink3.mk" | 44 | .include "../../mk/dlopen.buildlink3.mk" | |
47 | .include "../../mk/bsd.pkg.mk" | 45 | .include "../../mk/bsd.pkg.mk" |
@@ -1,8 +1,8 @@ | @@ -1,8 +1,8 @@ | |||
1 | $NetBSD: distinfo,v 1.36 2023/10/15 06:24:19 ryoon Exp $ | 1 | $NetBSD: distinfo,v 1.37 2023/12/18 15:57:00 wiz Exp $ | |
2 | 2 | |||
3 | BLAKE2s (putty-0.79.tar.gz) = 583f894dceafd565f2f117eb4f692bab75870426fd7a97989fa565cdfb648a99 | 3 | BLAKE2s (putty-0.80.tar.gz) = c9e95c3ef9118d17c5c4c185db5a4c4b5d9e7dc5ff0d598e20feba674a8266ff | |
4 | SHA512 (putty-0.79.tar.gz) = 4f10f870b229c89e928921d3b350955ce1c1170a062e7943d9cc8dbd83389d82a9b844623541605f0db5a429d545c2d188bf8e384c6515466fae69b216120983 | 4 | SHA512 (putty-0.80.tar.gz) = c8a6b6fa54ecd8bcf4ec274fef51343dd9996e6458b250b5555c4dc88ded25e87f97277da482c29858510e65635112d541f559ab683635bd950572d850129f90 | |
5 | Size (putty-0.79.tar.gz) = 2826618 bytes | 5 | Size (putty-0.80.tar.gz) = 2831433 bytes | |
6 | SHA1 (patch-ldisc.c) = cf31a65f920a3ea9b4a70602e4b2fd4d5df8d3e8 | 6 | SHA1 (patch-ldisc.c) = cf31a65f920a3ea9b4a70602e4b2fd4d5df8d3e8 | |
7 | SHA1 (patch-terminal.c) = 690d9021b14947ae24c68ecff6781ad255ab7a70 | 7 | SHA1 (patch-terminal.c) = 690d9021b14947ae24c68ecff6781ad255ab7a70 | |
8 | SHA1 (patch-timing.c) = a6a492fc8b22c58e2973c854bffa4c8bf71eb6a7 | 8 | SHA1 (patch-timing.c) = a6a492fc8b22c58e2973c854bffa4c8bf71eb6a7 |