anakin at pobox.com
Sat Dec 10 13:57:21 GMT 2011
PuTTY version 0.62 is released
All the pre-built binaries, and the source code, are now available
from the PuTTY website at
PuTTY 0.62 is a bug-fix release: it contains fixes for eight bugs
present in 0.61, and otherwise the two versions do not differ. Most of
the changes in the current development snapshots are not included in
One of the bugs is a SECURITY FIX, so if it affects you, you should
- PuTTY 0.62 fixes a security issue present in 0.59, 0.60 and 0.61.
If you log in using SSH-2 keyboard-interactive authentication
(which is the usual method used by modern servers to request a
password), the password you type was accidentally kept in PuTTY's
memory for the rest of its run, where it could be retrieved by
other processes reading PuTTY's memory, or written out to swap
files or crash dumps.
The remaining bugs are not critical, and are listed here:
- Pageant 0.61 would not accept connections from PuTTY 0.60 and
earlier, or from other software (such as WinSCP) that used 0.60's
method of talking to Pageant. Pageant 0.62 accepts connections from
both types of client.
- If PuTTY 0.61 attempted GSSAPI authentication and failed, it
printed a spurious and confusing 'Access denied' message in the
terminal window, even though it was still possible to log in by
- If PSCP or PSFTP 0.61 was told to load a saved session which
specifies SSH on a port other than 22, they would wrongly try to
connect to port 22 instead of the specified port.
- Pageant 0.61 leaked a file mapping handle every time it received a
message with the wrong authentication.
- PuTTYtel 0.61 crashed with an assertion failure message when saving
- PuTTY 0.61 could display underlined text with the underlines in the
wrong place, to the right of the characters they should have been
- PuTTY 0.61 could display VT100 line-drawing characters at the wrong
vertical offset if they appeared next to the offset horizontal line
Enjoy using PuTTY!
for k in [pow(x,37,0x13AC59F3ECAC3127065A9) for x in [0x195A0BCE1C2F0310B43C,
0x73A0CE584254AB23D5A0, 0x12878657EA814421CC92, 0x7373445BB3DA69996F4A,
0x77A7ED5BC3AA700E80B2, 0xE9C71C94ED87ADCF7367, 0xFE920395F414C1A5DB50]]:
print "".join([chr(32+3*((k>>x)&1))for x in range(79)]) # <anakin at pobox.com>
More information about the PuTTY-announce