From anakin at pobox.com Mon Apr 15 20:18:34 2024
From: anakin at pobox.com (Simon Tatham)
Date: Mon, 15 Apr 2024 20:18:34 +0100
Subject: PuTTY 0.81 is released
Message-ID: <1713208675-sup-6254@thyestes.tartarus.org>

PuTTY version 0.81 is released
------------------------------

All the pre-built binaries, and the source code, are now available
from the PuTTY website at

    https://www.chiark.greenend.org.uk/~sgtatham/putty/

This is a SECURITY UPDATE. We recommend that _everybody_ upgrade, as
soon as possible.

Additionally, if you have any 521-bit ECDSA private keys that you've
used with PuTTY, you should consider them to be compromised: generate
new keys, and remove the old public keys from any authorized_keys
files.

The only change between 0.80 and 0.81 is one security fix:

 - ECDSA signatures using 521-bit keys (the NIST P521 curve, otherwise
   known as ecdsa-sha2-nistp521) were generated with biased random
   numbers. This permits an attacker in possession of a few dozen
   signatures to RECOVER THE PRIVATE KEY.

   Any 521-bit ECDSA private key that PuTTY or Pageant has used to
   sign anything should be considered compromised.

   This vulnerability has the identifier CVE-2024-31497.

Enjoy using PuTTY!

-- 
import hashlib; print((lambda p,q,g,y,r,s,m: (lambda w:(pow(g,int(hashlib.sha1(
m.encode('ascii')).hexdigest(),16)*w%q,p)*pow(y,r*w%q,p)%p)%q)(pow(s,q-2,q))==r
and s%q!=0 and m)(12342649995480866419, 2278082317364501, 1670428356600652640,
5398151833726432125, 645223105888478, 1916678356240619, ""))
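The following is an added example, not part of the announcement and not PuTTY project code: one way to carry out the "remove the old public keys from any authorized_keys files" step is to list every ecdsa-sha2-nistp521 entry in a file so it can be reviewed. It assumes the OpenSSH authorized_keys layout (optional options, key type, base64 blob, comment); the function names and the sample entries are constructed for illustration.

```python
import base64
import re
import struct
import sys

VULN_TYPE = "ecdsa-sha2-nistp521"  # key type named in the announcement

# A field is a run of non-blank characters; double-quoted option values
# (which may contain spaces) stay inside the field they belong to.
FIELD = re.compile(r'(?:"(?:\\.|[^"\\])*"|[^\s"])+')

def blob_key_type(b64):
    """Return the algorithm name stored inside a public key blob, or None."""
    try:
        blob = base64.b64decode(b64, validate=True)
        (n,) = struct.unpack(">I", blob[:4])
        return blob[4:4 + n].decode("ascii") if len(blob) >= 4 + n else None
    except (ValueError, struct.error):
        return None

def find_p521_keys(text):
    """Return (line_number, comment) for every ecdsa-sha2-nistp521 entry."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue
        fields = FIELD.findall(line)
        # An options field may precede the key type, so look for a
        # (type, blob) pair whose embedded name agrees with the label.
        for i in range(len(fields) - 1):
            if fields[i] == VULN_TYPE and blob_key_type(fields[i + 1]) == VULN_TYPE:
                hits.append((lineno, " ".join(fields[i + 2:])))
                break
    return hits

def _sample_entry(key_type, comment, options=""):
    # Constructed placeholder, not a real key: only the leading type
    # string of the blob is realistic.
    raw = struct.pack(">I", len(key_type)) + key_type.encode() + b"\x00" * 8
    return f"{options} {key_type} {base64.b64encode(raw).decode()} {comment}".strip()

# Constructed sample file contents.
SAMPLE = "\n".join([
    "# constructed sample authorized_keys",
    _sample_entry("ssh-ed25519", "alice@laptop"),
    _sample_entry(VULN_TYPE, "backup@winhost", 'command="backup run",no-pty'),
    _sample_entry("ecdsa-sha2-nistp256", "bob@desk"),
    _sample_entry(VULN_TYPE, "carol@putty"),
])

if __name__ == "__main__":
    texts = {p: open(p).read() for p in sys.argv[1:]} or {"<sample>": SAMPLE}
    for name, text in texts.items():
        for lineno, comment in find_p521_keys(text):
            print(f"{name}:{lineno}: {VULN_TYPE} key ({comment or 'no comment'})")
```

The scan reports every P-521 entry; the file does not record which client held the private key, so deciding which of them were used with PuTTY or Pageant is a manual step.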