[ubuntu/trusty-security] putty 0.63-4ubuntu0.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Tue Jun 23 12:29:20 UTC 2015


putty (0.63-4ubuntu0.1) trusty-security; urgency=medium

  * SECURITY UPDATE: PuTTY did not properly wipe SSH-2 Private Keys from
    system memory, which can allow local users to obtain sensitive information
    by reading the memory. (LP: #1467631)
    - debian/patches/private-key-not-wiped-2.patch: Add in fix patch from
      Debian 0.63-10 packaging.  Thanks to Patrick Coleman for the original
      patch.
    - CVE-2015-2157

Date: 2015-06-23 11:42:13.560190+00:00
Changed-By: Thomas Ward <teward at trekweb.org>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/putty/0.63-4ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list