[ubuntu/quantal-security] putty 0.62-9ubuntu0.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Aug 7 13:19:21 UTC 2013
putty (0.62-9ubuntu0.1) quantal-security; urgency=low
* CVE-2013-4206: Buffer underrun in modmul could corrupt the heap.
* CVE-2013-4852: Negative string length in public-key signatures could
cause integer overflow and overwrite all of memory (closes: #718779).
* CVE-2013-4207: Non-coprime values in DSA signatures can cause buffer
overflow in modular inverse.
* CVE-2013-4208: Private keys were left in memory after being used by
PuTTY tools.
* Backport some general proactive potentially-security-relevant tightening
from upstream.
Date: 2013-08-07 12:16:21.443233+00:00
Changed-By: Colin Watson <cjwatson at canonical.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/quantal/+source/putty/0.62-9ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Quantal-changes
mailing list