From ${URL} : Description SEARCH-LAB has reported some vulnerabilities in PuTTY, which can be exploited by malicious people to potentially compromise a user's system. The vulnerabilities are caused due to some integer overflow errors when handling the SSH handshake and can be exploited to cause heap-based buffer overflows via a negative handshake message length. Successful exploitation of may allow execution of arbitrary code, but requires tricking the user into connecting to a malicious server. The vulnerabilities are reported in version 0.62. Prior versions may also be affected. Solution: Fixed in the source code repository. Provided and/or discovered by: Gergely Eberhardt, SEARCH-LAB. Original Advisory: PuTTY SVN: http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896 @maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
Arch teams, please test and mark stable: =net-misc/putty-0.62.20130805 Stable KEYWORDS : alpha amd64 ppc sparc x86
amd64 stable
Upstream have committed to a new release, so let's stabilise that instead. I have carried over the stable amd64 keyword. Arch teams, please test and mark stable: =net-misc/putty-0.63 Stable KEYWORDS : alpha amd64 hppa ppc sparc x86
sparc stable
alpha stable
ppc stable
x86 stable
Thanks for your work. Added to existing GLSA draft
This issue was resolved and addressed in GLSA 201308-01 at http://security.gentoo.org/glsa/glsa-201308-01.xml by GLSA coordinator Sergey Popov (pinkbyte).
CVE-2013-4852 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4852): Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.
