<snip> This is a SECURITY UPDATE. We recommend that _everybody_ upgrade, as soon as possible. This version fixes a security hole in previous versions of PuTTY, which can allow an SSH2 server to attack your client before host key verification. This means that you are not even safe if you trust the server you _think_ you're connecting to, since it could be spoofed over the network and the host key check would not detect this before the attack could take place. The attack can allow the server to execute code of its choice on the client. This vulnerability was found by iDEFENSE, who we expect to release an advisory on the subject shortly. </snip>
Travis, please bump to 0.56 asap
done
GLSA 200410-29 Thx for the notification and swift resolution folks.