PuTTY 0.71 is released
Simon Tatham
anakin at pobox.com
Sat Mar 16 17:02:31 GMT 2019
PuTTY version 0.71 is released
------------------------------
All the pre-built binaries, and the source code, are now available
from the PuTTY website at
https://www.chiark.greenend.org.uk/~sgtatham/putty/
This is a SECURITY UPDATE. We recommend that _everybody_ upgrade, as
soon as possible.
This release fixes multiple security vulnerabilities. Most were found
by contributors to a HackerOne bug bounty programme funded by the EU.
Thanks to everybody who reported bugs, to HackerOne for organising it,
and to the EU for the funding!
Vulnerabilities fixed in this release include:
- A malicious server could trigger a buffer overrun by abusing the
RSA key exchange protocol. This would happen before host key
verification, so even if you trust the server you *intended* to
connect to, you would still be at risk.
- A malicious server could trigger a buffer overflow in Unix PuTTY by
opening a very large number of port forwardings.
- A malicious program able to write to the server-side terminal could
deny service to the rest of the SSH session, by making PuTTY's
terminal emulation code fail an assertion in at least two different
ways, or by making it consume large amounts of memory and CPU.
- Windows builds of PuTTY were vulnerable to hijacking if an attacker
could arrange to drop a malicious Windows help file (.chm) in the
same directory. Running PuTTY directly out of your browser's
download directory, for example, might make this possible.
Other security-related improvements:
- The cryptography code has been substantially rewritten to eliminate
cache and timing side channels.
- PuTTY has a new system for making legitimate authentication prompts
distinguishable from fakes sent by the server (e.g. to try to trick
you into sending information like private key passphrases over the
wire). This involves displaying 'trust sigils' (in the form of the
PuTTY icon) on lines of the terminal window that contain data
originated by PuTTY itself, and a precautionary prompt before
starting the main login session when using Plink interactively.
(That prompt can be turned off if it's an inconvenience.)
- By default, PuTTY now sanitises control characters out of data
pasted into the terminal data; output sent to standard error by the
server in Plink, PSCP and PSFTP; and filenames transmitted from the
server by PSCP and PSFTP.
Other improvements:
- We now provide builds of PuTTY for Windows on Arm, as well as for
x86-64 and x86 Windows.
- The GTK version of PuTTY now runs on non-X11 displays like Wayland,
and understands high-DPI configurations.
- You can now type ahead in a PuTTY window as soon as it opens, and
your keystrokes will no longer be discarded. Instead, PuTTY will
buffer them until either the login prompts or the main server
session can use them.
- PuTTY implements hardware-accelerated versions of the AES, SHA-256,
and SHA-1 cryptographic functions, on both x86 and Arm platforms.
- SSH user authentication prompts and banner messages are now allowed
to contain printable characters outside US-ASCII.
- PuTTY now supports Kerberos authentication via GSSAPI key exchange
as an alternative to the previous GSSAPI user authentication
system. This allows a Kerberos ticket forwarded to the SSH server
to be kept up to date during a long-running SSH session.
- Richer colour support in the terminal emulator: it now supports
true colour, dim text via the SGR 2 sequence, and a query sequence
that lets a server find out how many colours the terminal provides.
- The terminal now supports the REP escape sequence to print the same
character many times, which up-to-date versions of ncurses expect.
- The terminal has more flexible clipboard / selection handling. You
can now configure PuTTY not to automatically copy text to the
clipboard as soon as you select it (i.e. to behave more like a
normal Windows program). In the GTK version, you can configure
which of the system clipboards PuTTY uses, or even configure
different copy/paste keys to access different clipboards.
- Pressing Ctrl+Shift+PgUp or Ctrl+Shift+PgDn now takes you straight
to the top or bottom of the terminal scrollback.
Enjoy using PuTTY!
Cheers,
Simon
--
import hashlib; print((lambda p,q,g,y,r,s,m: (lambda w:(pow(g,int(hashlib.sha1(
m.encode('ascii')).hexdigest(),16)*w%q,p)*pow(y,r*w%q,p)%p)%q)(pow(s,q-2,q))==r
and m)(0xb80b5dacabab6145,0xf70027d345023,0x7643bc4018957897,0x11c2e5d9951130c9
,0xa54d9cbe4e8ab,0x746c50eaa1910, "Simon Tatham <anakin at pobox.com>" ))
More information about the PuTTY-announce
mailing list