Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 696092 (CVE-2019-17068, CVE-2019-17069)

Summary: <net-misc/putty-0.73: multiple vulnerabilities (CVE-2019-{17068,17069}}
Product: Gentoo Security Reporter: Jeroen Roovers (RETIRED) <jer>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: trivial Flags: stable-bot: sanity-check+
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B4 [noglsa cve]
Package list:
Runtime testing required: ---

Description Jeroen Roovers (RETIRED) gentoo-dev 2019-10-03 04:19:40 UTC says about 0.73:

 * Security fix: in bracketed paste mode, the terminal escape sequences that should delimit the pasted data were appearing together on one side of it, making it possible to misidentify pasted data as manual keyboard input.
(* Bug fix (possibly security-related): an SSH-1 server sending a disconnection message could cause an access to freed memory.)
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2019-10-06 21:31:53 UTC
x86 stable
Comment 2 Agostino Sarubbo gentoo-dev 2019-10-07 08:46:58 UTC
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2019-10-07 09:50:59 UTC
ppc stable
Comment 4 Agostino Sarubbo gentoo-dev 2019-10-07 09:53:44 UTC
ppc64 stable
Comment 5 Matt Turner gentoo-dev 2019-10-14 02:33:46 UTC
alpha keywords dropped to unstable

all arches done
Comment 6 Agostino Sarubbo gentoo-dev 2019-10-14 11:31:59 UTC
sparc stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 7 Thomas Deutschmann (RETIRED) gentoo-dev 2019-10-26 18:11:16 UTC
GLSA Vote: No!

Repository is clean, all done!