simon-git: putty (pre-0.64): Simon Tatham
Commits to Tartarus CVS repository.
tartarus-commits at lists.tartarus.org
Sat Feb 28 09:05:55 GMT 2015
TL;DR:
1744768 Enforce acceptable range for Diffie-Hellman server value.
1f75792 Fix an erroneous length field in SSH-1 key load.
65f69bc Add some missing smemclrs and sfrees.
2713396 Bump version number for 0.64 release.
Repository: git://git.tartarus.org/simon/putty.git
On the web: http://tartarus.org/~simon-git/gitweb/?p=putty.git
Branch updated: pre-0.64
Committer: Simon Tatham <anakin at pobox.com>
Date: 2015-02-28 09:05:55
commit 174476813f0ed94337aecc3e2d13a202a1dc2fa8
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=174476813f0ed94337aecc3e2d13a202a1dc2fa8;hp=db9385b3ce08c211c3e2b950aa1a0f656ba3ab01
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Feb 5 19:39:17 2015 +0000
Enforce acceptable range for Diffie-Hellman server value.
Florent Daigniere of Matta points out that RFC 4253 actually
_requires_ us to refuse to accept out-of-range values, though it isn't
completely clear to me why this should be a MUST on the receiving end.
Matta considers this to be a security vulnerability, on the grounds
that if a server should accidentally send an obviously useless value
such as 1 then we will fail to reject it and agree a key that an
eavesdropper could also figure out. Their id for this vulnerability is
MATTA-2015-002.
ssh.c | 7 +++++++
ssh.h | 1 +
sshdh.c | 23 +++++++++++++++++++++++
3 files changed, 31 insertions(+)
commit 1f757928051b6d6ff231b2265bad2d263b0fe3ea
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=1f757928051b6d6ff231b2265bad2d263b0fe3ea;hp=174476813f0ed94337aecc3e2d13a202a1dc2fa8
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Feb 19 20:05:10 2015 +0000
Fix an erroneous length field in SSH-1 key load.
We incremented buf by a few bytes, so we must decrement the
corresponding length by the same amount, or else makekey() could
overrun.
Thanks to Patrick Coleman for the patch.
sshpubk.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 65f69bca7363ceceeac515ae2a82b8f8adc6404d
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=65f69bca7363ceceeac515ae2a82b8f8adc6404d;hp=1f757928051b6d6ff231b2265bad2d263b0fe3ea
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Feb 19 20:08:18 2015 +0000
Add some missing smemclrs and sfrees.
The absence of these could have prevented sensitive private key
information from being properly cleared out of memory that PuTTY tools
had finished with.
Thanks to Patrick Coleman for spotting this and sending a patch.
sshpubk.c | 18 ++++++++++++++----
1 file changed, 14 insertions(+), 4 deletions(-)
commit 2713396c91fa6ba00c40940450ffcc3953aba4ee
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=2713396c91fa6ba00c40940450ffcc3953aba4ee;hp=65f69bca7363ceceeac515ae2a82b8f8adc6404d
Author: Simon Tatham <anakin at pobox.com>
Date: Fri Feb 27 22:42:03 2015 +0000
Bump version number for 0.64 release.
Buildscr | 2 +-
LATEST.VER | 2 +-
doc/plink.but | 2 +-
doc/pscp.but | 2 +-
windows/putty.iss | 8 ++++----
5 files changed, 8 insertions(+), 8 deletions(-)
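
The range check described in the first commit message (174476813f0e), sketched as an added example; this is not PuTTY's code and not taken from the commit. The function names, the toy 31-bit prime and the exact bounds (refusing 1 and p-1 as well as values outside the group) are assumptions chosen so that the "obviously useless value such as 1" case is visible:

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed toy modulus (2^31 - 1, prime) so the arithmetic fits in
 * uint64_t; real SSH groups are far larger and need a bignum library. */
#define TOY_P 2147483647ULL

/* Square-and-multiply: base^exp mod mod (operands below 2^32). */
static uint64_t modpow(uint64_t base, uint64_t exp, uint64_t mod)
{
    uint64_t result = 1 % mod;
    base %= mod;
    for (; exp > 0; exp >>= 1) {
        if (exp & 1)
            result = (result * base) % mod;
        base = (base * base) % mod;
    }
    return result;
}

/* Hypothetical validator: NULL if f is usable, else the reason.
 * Assumption: also refuses 1 and p-1, which give a predictable K. */
static const char *validate_server_f(uint64_t f, uint64_t p)
{
    if (f <= 1)
        return "server value f too small";
    if (f >= p - 1)
        return "server value f too large";
    return NULL;
}

/* Client side: K = f^x mod p, computed only for a validated f. */
static int client_shared_secret(uint64_t f, uint64_t x, uint64_t p, uint64_t *k)
{
    if (validate_server_f(f, p) != NULL)
        return -1;
    *k = modpow(f, x, p);
    return 0;
}

int main(void)
{
    const uint64_t x = 123456789, f[] = { 0, 1, TOY_P - 1, TOY_P, 5 };
    for (size_t i = 0; i < sizeof f / sizeof f[0]; i++) {
        const char *err = validate_server_f(f[i], TOY_P);
        printf("f=%llu unchecked K=%llu -> %s\n", (unsigned long long)f[i],
               (unsigned long long)modpow(f[i], x, TOY_P), err ? err : "accepted");
    }
    return 0;
}
```

The "unchecked K" column shows what the client would derive without the check: for f = 1 the shared secret is 1 whatever the client's secret exponent is, which is the case the commit message gives.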