1. Forum
  2. Usenet
  3. COMP.SECURITY.SSH

  • PuTTY 0.76 is released

    From Simon Tatham@21:1/5 to All on Sat Jul 17 11:57:11 2021
    PuTTY version 0.76 is released
    ------------------------------

    All the pre-built binaries, and the source code, are now available
    from the PuTTY website at

    https://www.chiark.greenend.org.uk/~sgtatham/putty/

    This is almost entirely a bug fix release based on 0.75. It also
    contains one minor new feature with potential security use:

    - Option to abandon an SSH connection if the server allows you to
    authenticate in a trivial manner (with no passwords, responses or
    signatures of any kind). This kind of authentication is sometimes
    legitimate, but can also be used by malicious servers to spoof
    parts of the real authentication. PuTTY's main defence against this
    is the trust sigils introduced in 0.71, but this new option
    provides an extra line of defence.

    Bugs fixed in this release include:

    - Windows PuTTY: turning on the 'Use system colours' config option
    caused PuTTY to crash immediately on opening the terminal window.

    - Windows PuTTY: named pipes used to communicate with Pageant were
    kept open for the lifetime of the PuTTY process, causing a leak of
    handles and potentially causing Pageant to hang if too many were
    active at once.

    - Windows PuTTY: if you used the mouse to 'hold down' the buttons at
    the ends of the terminal's scrollbar, the window would fail to
    update until you let go of the mouse button again.

    - Changing the colour palette in mid-session using the 'Change
    Settings' dialog box would not take effect immediately, but instead
    would delay until a palette reset happened for some other reason.

    - Changing the colour palette under server control could be
    unreliable if multiple changes were sent very quickly.

    - Any of the tools reading a private key file could tight-loop by
    accident if the file was incomplete (e.g. missing its final
    newline).

    - Windows Pageant: the GUI key list window forgot to specify the
    lengths of the stored keys.

    - Windows: if you used MIT Kerberos for Windows, the 'Restart
    Session' function would cause a crash inside the Kerberos library.

    Enjoy using PuTTY!

    --
    for k in [pow(x,37,0x1a1298d262b49c895d47f) for x in [0x50deb914257022de7fff, 0x213558f2215127d5a2d1, 0x90c99e86d08b91218630, 0x109f3d0cfbf640c0beee7, 0xc83e01379a5fbec5fdd1, 0x19d3d70a8d567e388600e, 0x534e2f6e8a4a33155123]]:
    print("".join([chr(32+3*((k>>x)&1))for x in range(79)])) # <anakin@pobox.com>

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)