PuTTY 0.84 is released

Simon Tatham anakin at pobox.com
Fri May 22 11:50:55 BST 2026 

PuTTY version 0.84 is released
------------------------------

All the pre-built binaries, and the source code, are now available
from the PuTTY website at

    https://www.chiark.greenend.org.uk/~sgtatham/putty/

0.84 fixes the following security vulnerabilities:

 - Previous versions of PuTTY can be made to crash during SSH
   connection startup, by a malicious server or a MITM attacker
   substituting malicious data in the initial SSH key exchange. Two
   different bugs allow the server to cause an assertion failure or a
   double-free crash.

 - If you use an old insecure connection protocol like Telnet, and
   connect through a proxy server that requires you to enter a
   password, then the whole Telnet connection was accidentally marked
   with the 'trust sigil' that distinguishes prompts from PuTTY itself
   from prompts sent by the server. This could conceivably have fooled
   a user into believing a malicious server's phony request for your
   proxy password.

0.84 has some new features:

 - PuTTY now has the option to run a user-specified command before
   making its main network connection. You could use this, for
   example, to perform a port knock or other network operation that
   temporarily opens the port you want to connect to.

 - On Unix, PuTTY's terminal now supports displaying 'pre-edit text',
   showing what you have typed so far while you're entering a
   multi-key sequence that generates a single Unicode character.

0.84 also has various bug fixes:

 - In the Unix version, you couldn't configure a certificate authority
   for certified host keys using the GUI, unless you had first
   manually created the directory where PuTTY stores the configuration.

 - Fixed spurious error "Network error: Socket is not connected" when
   connecting via an HTTP proxy that requires authentication.

 - On Windows, if you disable cursor blinking systemwide in Control
   Panel but have it turned on in PuTTY, PuTTY would blink the cursor
   frantically.

 - Improved support for running the Unix version on Wayland: pterm
   won't crash when trying to stamp utmp, and a sensible default font
   will be selected instead of complaining about trad X11 'fixed'
   being missing.

Enjoy using PuTTY!

Cheers,
Simon



-- 
import hashlib; print((lambda p,q,g,y,r,s,m: (lambda w:(pow(g,int(hashlib.sha1(
m.encode('ascii')).hexdigest(),16)*w%q,p)*pow(y,r*w%q,p)%p)%q)(pow(s,q-2,q))==r
and s%q!=0 and m)(12342649995480866419, 2278082317364501, 1670428356600652640,
5398151833726432125, 645223105888478, 1916678356240619, "<anakin at pobox.com>"))

More information about the PuTTY-announce mailing list