Mon Apr 15 21:55:23 2024 UTC (37d)
putty: update to 0.81.

PuTTY 0.81, released today, fixes a critical vulnerability
CVE-2024-31497 in the use of 521-bit ECDSA keys (ecdsa-sha2-nistp521).
If you have used a 521-bit ECDSA private key with any previous
version of PuTTY, consider the private key compromised: remove the
public key from authorized_keys files, and generate a new key pair.

However, this only affects that one algorithm and key size. No
other size of ECDSA key is affected, and no other key type is
affected.


(wiz)
diff -r1.83 -r1.84 pkgsrc/security/putty/Makefile
diff -r1.37 -r1.38 pkgsrc/security/putty/distinfo
cvs diff -r1.83 -r1.84 pkgsrc/security/putty/Makefile (expand / switch to unified diff)

--- pkgsrc/security/putty/Makefile 2024/04/07 07:34:57 1.83
+++ pkgsrc/security/putty/Makefile 2024/04/15 21:55:23 1.84
@@ -1,17 +1,16 @@ @@ -1,17 +1,16 @@
1# $NetBSD: Makefile,v 1.83 2024/04/07 07:34:57 wiz Exp $ 1# $NetBSD: Makefile,v 1.84 2024/04/15 21:55:23 wiz Exp $
2 2
3DISTNAME= putty-0.80 3DISTNAME= putty-0.81
4PKGREVISION= 2 
5CATEGORIES= security 4CATEGORIES= security
6MASTER_SITES= http://the.earth.li/~sgtatham/putty/${PKGVERSION_NOREV}/ 5MASTER_SITES= http://the.earth.li/~sgtatham/putty/${PKGVERSION_NOREV}/
7 6
8MAINTAINER= pkgsrc-users@NetBSD.org 7MAINTAINER= pkgsrc-users@NetBSD.org
9HOMEPAGE= https://www.chiark.greenend.org.uk/~sgtatham/putty/ 8HOMEPAGE= https://www.chiark.greenend.org.uk/~sgtatham/putty/
10COMMENT= Free implementation of Telnet and SSH for Win32 and Unix platforms 9COMMENT= Free implementation of Telnet and SSH for Win32 and Unix platforms
11LICENSE= mit 10LICENSE= mit
12 11
13USE_CMAKE= yes 12USE_CMAKE= yes
14USE_TOOLS+= perl pkg-config 13USE_TOOLS+= perl pkg-config
15 14
16# error: 'for' loop initial declarations are only allowed in C99 mode 15# error: 'for' loop initial declarations are only allowed in C99 mode
17FORCE_C_STD= c99 16FORCE_C_STD= c99
cvs diff -r1.37 -r1.38 pkgsrc/security/putty/distinfo (expand / switch to unified diff)

--- pkgsrc/security/putty/distinfo 2023/12/18 15:57:00 1.37
+++ pkgsrc/security/putty/distinfo 2024/04/15 21:55:23 1.38
@@ -1,8 +1,8 @@ @@ -1,8 +1,8 @@
1$NetBSD: distinfo,v 1.37 2023/12/18 15:57:00 wiz Exp $ 1$NetBSD: distinfo,v 1.38 2024/04/15 21:55:23 wiz Exp $
2 2
3BLAKE2s (putty-0.80.tar.gz) = c9e95c3ef9118d17c5c4c185db5a4c4b5d9e7dc5ff0d598e20feba674a8266ff 3BLAKE2s (putty-0.81.tar.gz) = c6e77fbf456bb5f43d2d65689e8d51d664962e715daef3373d5286a6c2676a65
4SHA512 (putty-0.80.tar.gz) = c8a6b6fa54ecd8bcf4ec274fef51343dd9996e6458b250b5555c4dc88ded25e87f97277da482c29858510e65635112d541f559ab683635bd950572d850129f90 4SHA512 (putty-0.81.tar.gz) = d86f2fd0e126b18275d58cf64334b3b27c450899a1c2be2502de9faa2ef58f7fc8efc5d45f25c8395623f1e21917aa02407343bb2fee44c4c00b9f81267d5ecd
5Size (putty-0.80.tar.gz) = 2831433 bytes 5Size (putty-0.81.tar.gz) = 2844616 bytes
6SHA1 (patch-ldisc.c) = cf31a65f920a3ea9b4a70602e4b2fd4d5df8d3e8 6SHA1 (patch-ldisc.c) = cf31a65f920a3ea9b4a70602e4b2fd4d5df8d3e8
7SHA1 (patch-terminal.c) = 690d9021b14947ae24c68ecff6781ad255ab7a70 7SHA1 (patch-terminal.c) = 690d9021b14947ae24c68ecff6781ad255ab7a70
8SHA1 (patch-timing.c) = a6a492fc8b22c58e2973c854bffa4c8bf71eb6a7 8SHA1 (patch-timing.c) = a6a492fc8b22c58e2973c854bffa4c8bf71eb6a7