[ubuntu/raring-updates] putty 0.62-10ubuntu0.1 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Aug 7 13:58:13 UTC 2013

putty (0.62-10ubuntu0.1) raring-security; urgency=low

  * CVE-2013-4206: Buffer underrun in modmul could corrupt the heap.
  * CVE-2013-4852: Negative string length in public-key signatures could
    cause integer overflow and overwrite all of memory (closes: #718779).
  * CVE-2013-4207: Non-coprime values in DSA signatures can cause buffer
    overflow in modular inverse.
  * CVE-2013-4208: Private keys were left in memory after being used by
    PuTTY tools.
  * Backport some general proactive potentially-security-relevant tightening
    from upstream.

Date: 2013-08-07 12:16:19.690175+00:00
Changed-By: Colin Watson <cjwatson at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Raring-changes mailing list