Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 696092 (CVE-2019-17068, CVE-2019-17069) - <net-misc/putty-0.73: multiple vulnerabilities (CVE-2019-{17068,17069}}
Summary: <net-misc/putty-0.73: multiple vulnerabilities (CVE-2019-{17068,17069}}
Status: RESOLVED FIXED
Alias: CVE-2019-17068, CVE-2019-17069
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B4 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-10-03 04:19 UTC by Jeroen Roovers (RETIRED)
Modified: 2019-10-26 18:11 UTC (History)
0 users

See Also:
Package list:
=net-misc/putty-0.73
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jeroen Roovers (RETIRED) gentoo-dev 2019-10-03 04:19:40 UTC
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html says about 0.73:

 * Security fix: in bracketed paste mode, the terminal escape sequences that should delimit the pasted data were appearing together on one side of it, making it possible to misidentify pasted data as manual keyboard input.
(* Bug fix (possibly security-related): an SSH-1 server sending a disconnection message could cause an access to freed memory.)
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2019-10-06 21:31:53 UTC
x86 stable
Comment 2 Agostino Sarubbo gentoo-dev 2019-10-07 08:46:58 UTC
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2019-10-07 09:50:59 UTC
ppc stable
Comment 4 Agostino Sarubbo gentoo-dev 2019-10-07 09:53:44 UTC
ppc64 stable
Comment 5 Matt Turner gentoo-dev 2019-10-14 02:33:46 UTC
alpha keywords dropped to unstable

all arches done
Comment 6 Agostino Sarubbo gentoo-dev 2019-10-14 11:31:59 UTC
sparc stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 7 Thomas Deutschmann (RETIRED) gentoo-dev 2019-10-26 18:11:16 UTC
GLSA Vote: No!

Repository is clean, all done!