Information on source package putty

Available versions

ReleaseVersion
wheezy (security)0.62-9+deb7u3
jessie (security)0.63-10+deb8u1
stretch0.67-3
sid0.67-3

Open issues

BugwheezyjessiestretchsidDescription
CVE-2017-6542vulnerablevulnerablefixedfixedThe ssh_agent_channel_data function in PuTTY before 0.68 allows remote ...
CVE-2016-2563vulnerable (no DSA)vulnerable (no DSA)fixedfixedStack-based buffer overflow in the SCP command-line utility in PuTTY ...

Resolved issues

BugDescription
TEMP-0000000-F707E4MATTA-2015-002: Enforce acceptable range for Diffie-Hellman server value
CVE-2016-6167Multiple untrusted search path vulnerabilities in Putty beta 0.67 ...
CVE-2015-5309Integer overflow in the terminal emulator in PuTTY before 0.66 allows ...
CVE-2015-2157The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY ...
CVE-2013-4852Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and ...
CVE-2013-4208The rsa_verify function in PuTTY before 0.63 (1) does not clear ...
CVE-2013-4207Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH ...
CVE-2013-4206Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY ...
CVE-2011-4607PuTTY 0.59 through 0.61 does not clear sensitive process memory when ...
CVE-2006-7162PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files ...
CVE-2005-0467Multiple integer overflows in the (1) sftp_pkt_getstring and (2) ...
CVE-2004-1440Multiple heap-based buffer overflows in the modpow function in PuTTY ...
CVE-2004-1008Integer signedness error in the ssh2_rdpkt function in PuTTY before ...
CVE-2003-0069The PuTTY terminal emulator 0.53 allows attackers to modify the window ...
CVE-2003-0048PuTTY 0.53b and earlier does not clear logon credentials from memory, ...

Security announcements

DSA / DLADescription
DSA-3409-1putty - security update
DSA-3409-1putty - security update
DLA-347-1putty - security update
DSA-3190-1putty - security update
DLA-173-1putty - security update
DSA-2736-1putty - several
DSA-2736-1putty - several

Search for package or bug name: Reporting problems