1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5588-1] putty security update

    From Salvatore Bonaccorso@21:1/5 to All on Sun Dec 24 11:30:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5588-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso December 24, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : putty
    CVE ID : CVE-2021-36367 CVE-2023-48795
    Debian Bug : 990901

    Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the
    SSH protocol is prone to a prefix truncation attack, known as the
    "Terrapin attack". This attack allows a MITM attacker to effect a
    limited break of the integrity of the early encrypted SSH transport
    protocol by sending extra messages prior to the commencement of
    encryption, and deleting an equal number of consecutive messages
    immediately after encryption starts.

    Details can be found at https://terrapin-attack.com/

    For the oldstable distribution (bullseye), these problems have been fixed
    in version 0.74-1+deb11u1. This update includes a fix for CVE-2021-36367.

    For the stable distribution (bookworm), these problems have been fixed in version 0.78-2+deb12u1.

    We recommend that you upgrade your putty packages.

    For the detailed security status of putty please refer to its security
    tracker page at:
    https://security-tracker.debian.org/tracker/putty

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmWIB5tfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0SDBQ/9FAw79bM9LfLI7aFS91kMvrxyhviu7KppEpM6V3OR6gCdrqj6L5MrWY5W G0+iYGdG1fHEoZkvYXq8HnMhsVBD5UuKDGHQ3Z15g1AaIc8tQ67cr7fM5PjYgijq 8z3Vae0nH2WUn+ZIrdf4CnJ2dwiUa+M37UxyGfCNYoEID0KhZrYTuJFLWF5wrIqd p/upvzSBjQ1/fD0O8O6gK4ZCDhKU2/rZuMtnuiQ2ho3gH8J9odHyypqpNquQaslD M3SizrmheLZYhBbCKTggNd+kuMEgkeDg3VRih0VTOggh0CzR7NZbLitoviB5AvzV CFPviQCQOMKQPkBqgmKzDaobTOqwUZ+df4c63nxbENyrXGl9WwTAiBYT19TuX199 TpgjHcmWYwPux6gdga3OHdo7m1eOMCG46S+joLDo6FnUcUMjA2+74z2z1IpYzE0v b+zK+l8Nu74RGY/gH5ewX9JCFGPRiPBwhtu0TavYO1nWbpcz0Z2jrUYIM7kS/3Sp VUbiH9D+PyBJOawxDZSuiEhfOgilGl+r0d3MP0S0Lo2OoKPB9fgVYj5ICyn8ZBQz /bhxzi+wDV0XFkzM8fxdtbq4BwHVXzgmPKdabwZuNL9eViSF0XmSDG0lwFDDT1lK kCcBRnvdpvP0dxFzjfLnWZvISylGDR31q2ZGHIonDq+2yJcFHX8=
    =qdiJ
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)