PuTTY version 0.49 is released
Wed, 28 Jun 2000 11:03:05 +0100
PuTTY version 0.49 has finally been released!
Unfortunately the Alpha build of the 0.49 release is currently
unavailable due to problems with our build machine, but we will put
it out as soon as we can.
The Intel x86 release, and the source code, are available now from
the PuTTY website
A full list of the new features since version 0.48 follows. In
particular, there have been some security fixes, so you are STRONGLY
encouraged to upgrade.
* Stop the SSH protocol code from sending zero-length
SSH_CMSG_STDIN_DATA packets when Shift is pressed. These appear
to be harmless to Unix sshd, but cause VMS sshd to generate an
* Fix a small bug about using special port numbers in pscp; thanks
to Joris van Rantwijk.
* Three security improvements. PuTTY now checks the CRC on
incoming packets, checks that the packet length and string
length fields on incoming SSH_SMSG_*_DATA packets are
consistent, and outlaws attempts to set the terminal size too
big by escape sequences (countering the xterm DoS attack shown
in bugtraq #1298).
* High-half characters (160 and above) are now supported in
username and password input.
* Bug fix: RSA keys whose storage format used an odd number of
bytes (i.e. the bit length of the key, mod 16, was between 1 and
8 inclusive) were being handled incorrectly. An sshd with an
850-bit server key wasn't able to accept connections from PuTTY
as a result.
* pscp now has the "-ls" option to get a directory listing of a
remote host. It does this by sending the command "ls -la
<dirspec>", so it might well not work on non-Unix ssh servers.
It's mainly there to allow a useful directory listing facility
for potential GUI front ends.
* Local line discipline is now invoked in more sensible
circumstances, and understands Telnet Erase Line. Thanks to
Robert de Bath.
* Blinking cursor support (off by default). Thanks to Robert de
* Hopefully vastly improved PuTTY's behaviour under load; also we
can process incoming data even during a window move/resize.
Thanks to Robert de Bath.
* Better handling of the bug in which underlines are drawn outside
the character cell. Now they don't get drawn at _all_, which is
still non-ideal but it's better than rampaging screen
corruption. Thanks to Robert de Bath.
* Various terminal emulation upgrades. Thanks to Robert de Bath.
* By popular demand, Shift-Tab now sends ESC [ Z instead of being
indistinguishable from ordinary Tab.
* ^C, ^Z and ^D now instruct the local-terminal line discipline to
send Telnet special control codes. The local line discipline can
also be enabled and disabled in mid-session without dropping
data, and it's also linked to the Telnet ECHO option. Patch due
to Robert de Bath.
* Telnet SYNCH is now preceded by IAC, which it wasn't previously.
Patch due to Robert de Bath.
* Fixed the long-standing bug in which CSI ? Q and CSI Q were
treated identically for most values of Q. Patch due to Robert de
* Pressing Return in a Telnet session now sends Telnet NL instead
of Telnet CR (in raw data, that's CR-LF not CR-NUL; ^J continues
to send just LF). Unix telnetds should not notice any
difference; others might suddenly start working. Patch due to
Robert de Bath.
* Much patchery in font selection code; with any luck, mixed
OEM+ANSI line drawing mode will now be more reliable. Patch due
to Robert de Bath.
* An attempt has been made to deal with the dropping of incoming
data between decoding and display.
* Replaced all the algorithms that weren't already my own code.
The DES, MD5, SHA, and CRC32 implementations used in PuTTY are
now all written by me and distributable under the PuTTY licence,
instead of being borrowed from a variety of other places. Better
still, there are comments: the DES implementation contains a
careful description of how the algorithm given in the spec was
transformed into the optimised algorithm in the code, and the
CRC32 implementation explains what a CRC is and how the table
lookup algorithm works.
* Scrollback behaviour has changed. ANSI Delete Line at the top of
the screen now inserts the lines into the scrollback
(previously, only genuine scroll-up would do this). However, the
scrollback is never touched by scroll operations in the
* The response to Ctrl-E is now "PuTTY" instead of the xtermalike
sequence it was previously.
* The command line option -log will now cause all data received
from the remote host to be logged to a file putty.log.
* PSCP now doesn't try to "recurse" into the directories . and ..
like it did before.
* Add keyboard accelerators on the System menu.
* "Warn On Close" no longer applies to inactive windows: you can
close one of those without complaint.
* There is now a system to generate Borland and Cygnus makefiles
from the master makefile, so that people can build PuTTY with
other compilers but I still only have to maintain one makefile.
Simon Tatham "Time and tide wait for no man,
<firstname.lastname@example.org> but everybody waits for women."