Recommended update for putty (moderate)

ID OPENSUSE-SU-2019:2017-1
Type suse
Reporter Suse
Modified 2019-08-27T00:10:46


This update for putty fixes the following issues:

Update to new upstream release 0.72 [boo#1144547, boo#1144548]

  • Fixed two separate vulnerabilities affecting the obsolete SSH-1 protocol, both available before host key checking.
  • Fixed a vulnerability in all the SSH client tools (PuTTY, Plink, PSFTP and PSCP) if a malicious program can impersonate Pageant.
  • Fixed a crash in GSSAPI / Kerberos key exchange triggered if the server provided an ordinary SSH host key as part of the exchange.

This update was imported from the openSUSE:Leap:15.0:Update update project.