[pkgsrc/trunk]: pkgsrc/security/putty putty: Update to 0.74

To: source-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/security/putty putty: Update to 0.74
From: ryoon <ryoon%pkgsrc.org@localhost>
Date: Mon, 29 Jun 2020 13:01:20 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/0240344eecf1
branches:  trunk
changeset: 434949:0240344eecf1
user:      ryoon <ryoon%pkgsrc.org@localhost>
date:      Mon Jun 29 11:49:50 2020 +0000

description:
putty: Update to 0.74

Changelog:
This release fixes the following security issues:

 - In some situations an SSH server could cause PuTTY to access freed
   mdmory by pretending to accept an SSH key and then refusing the
   actual signature. It can only happen if you're using an SSH agent.

 - New configuration option to disable PuTTY's default policy of
   changing its host key algorithm preferences to prefer keys it
   already knows. (There is a theoretical information leak in this
   policy.)

Other bug fixes include:

 - Windows installer: the text in the installer UI is now visible in
   Windows high-contrast mode. (Previously it was white on white by
   mistake.)

 - Windows 7: fixed spurious OS out-of-memory error when reading
   passwords from a Windows console (e.g. psftp).

 - Terminal crash: the dreaded "line==NULL" error could happen if an
   application switched between the main and alternate screens while
   the user was looking at the scrollback.

 - Terminal crash: the terminal could fail an assertion when sending
   an empty answerback string, and when pasting text none of whose
   characters exist in the selected character set.

 - SSH: fixed endless memory-allocating loop that could be triggered
   by the combination of a misbehaving SSH agent and PuTTY's bug
   compatibility mode for padded RSA signatures.

 - File transfer: when uploading files to some SFTP servers (e.g. the
   one in proftpd's mod_sftp), PSFTP would consume up to 4GB of local
   memory before sending anything to the server.

 - Terminal behaviour: sometimes the cursor was put in the wrong place
   after restoring from the alternate screen.

 - GTK: fixed font size calculation when using newer Pango libraries
   (e.g. the one on Ubuntu 20.04).

 - GTK: scroll wheel events now work in unusual environments like VNC.

diffstat:

 security/putty/Makefile                   |   5 ++---
 security/putty/distinfo                   |  11 +++++------
 security/putty/patches/patch-unix_uxucs.c |  13 -------------
 3 files changed, 7 insertions(+), 22 deletions(-)

diffs (54 lines):

diff -r fc1cf1b811d3 -r 0240344eecf1 security/putty/Makefile
--- a/security/putty/Makefile   Mon Jun 29 11:39:19 2020 +0000
+++ b/security/putty/Makefile   Mon Jun 29 11:49:50 2020 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.61 2020/03/10 22:10:55 wiz Exp $
+# $NetBSD: Makefile,v 1.62 2020/06/29 11:49:50 ryoon Exp $
 #
 
-DISTNAME=      putty-0.73
-PKGREVISION=   2
+DISTNAME=      putty-0.74
 CATEGORIES=    security
 MASTER_SITES=  http://the.earth.li/~sgtatham/putty/${PKGVERSION_NOREV}/
 
diff -r fc1cf1b811d3 -r 0240344eecf1 security/putty/distinfo
--- a/security/putty/distinfo   Mon Jun 29 11:39:19 2020 +0000
+++ b/security/putty/distinfo   Mon Jun 29 11:49:50 2020 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.28 2019/12/19 22:22:33 joerg Exp $
+$NetBSD: distinfo,v 1.29 2020/06/29 11:49:50 ryoon Exp $
 
-SHA1 (putty-0.73.tar.gz) = 17daebb82e476adfd578f6934c28f4d2c209b7d8
-RMD160 (putty-0.73.tar.gz) = 9e7c0084464963581bc47ce1b87e25ba51d27743
-SHA512 (putty-0.73.tar.gz) = 4ada4b8c6d68be44afede2676bc661fedfd1ea0b574b8232ad9aaa6f3a48baa9f4f0ded2955b3f2677a14db85a508f53c965cb00fcd7538a1ed9844031f0c5e5
-Size (putty-0.73.tar.gz) = 2459115 bytes
+SHA1 (putty-0.74.tar.gz) = 17b160e9720f67f9af9399d7d185b913b81f18fe
+RMD160 (putty-0.74.tar.gz) = 0bcc5b606f19379168d19de6f5b764a7c2753bf5
+SHA512 (putty-0.74.tar.gz) = 0da86849ea764cd88643bd2c1984ac7211ae72dd7c41232307b1960a29ca9518044b022d87c60272d6db71a3357026862a112bedb90ee732b41494fca3acde9b
+Size (putty-0.74.tar.gz) = 2476513 bytes
 SHA1 (patch-ldisc.c) = cf31a65f920a3ea9b4a70602e4b2fd4d5df8d3e8
 SHA1 (patch-misc.c) = fa1c2db8eb20ceaadb4b57b6aefa57f22d2ae26f
 SHA1 (patch-terminal.c) = 30d6196e371b5369f9ea69e193662a47dbefaa10
@@ -11,4 +11,3 @@
 SHA1 (patch-unix_Makefile.gtk) = 7fe7859ad91afb57ef3ba31194ffd2ef784f638d
 SHA1 (patch-unix_uxnet.c) = 2d1c2939721993fe5616c2fe3f1935c03a31bb35
 SHA1 (patch-unix_uxpgnt.c) = b5625b33b940ea2870d3e91d38e2303a80d6887b
-SHA1 (patch-unix_uxucs.c) = 47791025e5375e9e8649ce24bc9efff3c7d29ab4
diff -r fc1cf1b811d3 -r 0240344eecf1 security/putty/patches/patch-unix_uxucs.c
--- a/security/putty/patches/patch-unix_uxucs.c Mon Jun 29 11:39:19 2020 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,13 +0,0 @@
-$NetBSD: patch-unix_uxucs.c,v 1.3 2019/10/01 15:22:41 ryoon Exp $
-
---- unix/uxucs.c.orig  2019-09-22 09:14:52.000000000 +0000
-+++ unix/uxucs.c
-@@ -68,7 +68,7 @@ int wc_to_mb(int codepage, int flags, co
-         memset(&state, 0, sizeof state);
- 
-         while (wclen > 0) {
--            int i = wcrtomb(output, wcstr[0], &state);
-+            size_t i = wcrtomb(output, wcstr[0], &state);
-             if (i == (size_t)-1 || i > n - mblen)
-                 break;
-             memcpy(mbstr+n, output, i);

Prev by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Updated net/gallery-dl to 1.14.2
Next by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Updated security/putty to 0.74
Previous by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Updated net/gallery-dl to 1.14.2
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Updated security/putty to 0.74
Indexes:

Home | Main Index | Thread Index | Old Index