PuTTY 0.76 - Telnet und SSH Client

alles was mit LAN, Proxies, Netzwerkmonitor, usw. zu tun hat.

Moderatoren: |Gordon|, Jean, Moderatoren

Benutzeravatar
jasonliul
Mitglied
Beiträge: 1654
Registriert: 15.10.16, 23:45

Re: PuTTY 0.71 - Telnet und SSH Client

Beitrag von jasonliul »

v 0.72 (released 2019-07-20):

Security fixes found by the EU-funded bug bounty:
two separate vulnerabilities affecting the obsolete SSH-1 protocol, both available before host key checking
a vulnerability in all the SSH client tools (PuTTY, Plink, PSFTP and PSCP) if a malicious program can impersonate Pageant
...
Fortuna fortes juvat.
Jean
Beiträge: 12849
Registriert: 30.10.01, 12:41

Re: PuTTY 0.72 - Telnet und SSH Client

Beitrag von Jean »

v. 0.73 - weniger Fehler
Security fix: on Windows, other applications were able to bind to the same TCP port as a PuTTY local port forwarding.
Security fix: in bracketed paste mode, the terminal escape sequences that should delimit the pasted data were appearing together on one side of it, making it possible to misidentify pasted data as manual keyboard input.
Benutzeravatar
Gordon
Beiträge: 15224
Registriert: 06.01.02, 18:46

Re: PuTTY 0.74 - Telnet und SSH Client

Beitrag von Gordon »

PuTTY 0.74, released today, is a bug-fix and security release. It fixes bugs in 0.73, including one possible vulnerability, and also adds a new configuration option to mitigate a minor information leak in SSH host key policy.
Trypanophobie ist heilbar - es gibt eine Spritze dagegen!
Benutzeravatar
jasonliul
Mitglied
Beiträge: 1654
Registriert: 15.10.16, 23:45

Re: PuTTY 0.74 - Telnet und SSH Client

Beitrag von jasonliul »

v 0.75
Security fix: on Windows, a server could DoS the whole Windows GUI by telling the PuTTY window to change its title repeatedly at high speed.
Pageant now supports loading a key still encrypted, and decrypting it later by prompting for the passphrase on first use.
Upgraded default SSH key fingerprint format to OpenSSH-style SHA-256.
Upgraded private key file format to PPK3, with improved passphrase hashing and no use of SHA-1.
Terminal now supports ESC [ 9 m for strikethrough text.
New protocols: bare ssh-connection layer for use over already-secure IPC channels, and SUPDUP for talking to very old systems such as PDP-10s.
PuTTYgen now supports alternative provable-prime generation algorithm for RSA and DSA.
The Unix tools can now connect directly to a Unix-domain socket.
Fortuna fortes juvat.
Benutzeravatar
jasonliul
Mitglied
Beiträge: 1654
Registriert: 15.10.16, 23:45

Re: PuTTY 0.75 - Telnet und SSH Client

Beitrag von jasonliul »

v 0.76 (released 2021-07-17):
New option to abandon an SSH connection if the server allows you to authenticate in a trivial manner.
...
Fortuna fortes juvat.
Antworten