Package: putty / 0.60+2010-02-20-1+squeeze4

Metadata

Package: putty
Version: 0.60+2010-02-20-1+squeeze4
Patches format: 3.0 (quilt)

Patch series

Patch | File delta | Description
password not wiped.patch

ssh.c | 7 7 + 0 - 0 !
1 file changed, 7 insertions(+)

 Passwords were left in memory using SSH keyboard-interactive auth
vuln modmul.patch

sshbn.c | 7 7 + 0 - 0 !
1 file changed, 7 insertions(+)

 CVE-2013-4206
 Buffer underrun in modmul could corrupt the heap.
vuln signature stringlen.patch

import.c | 2 1 + 1 - 0 !
sshdss.c | 7 6 + 1 - 0 !
sshrsa.c | 4 4 + 0 - 0 !
3 files changed, 11 insertions(+), 2 deletions(-)

 CVE-2013-4852
 Negative string length in public-key signatures could cause integer
 overflow and overwrite all of memory.
vuln bignum division by zero.patch

sshbn.c | 71 63 + 8 - 0 !
sshdss.c | 44 35 + 9 - 0 !
sshrsa.c | 16 13 + 3 - 0 !
sshrsag.c | 4 4 + 0 - 0 !
4 files changed, 115 insertions(+), 20 deletions(-)

 CVE-2013-4207
 Non-coprime values in DSA signatures can cause buffer overflow in modular
 inverse.
private key not wiped.patch

sshdss.c | 16 12 + 4 - 0 !
sshrsa.c | 2 2 + 0 - 0 !
2 files changed, 14 insertions(+), 4 deletions(-)

 CVE-2013-4208
 Private keys were left in memory after being used by PuTTY tools.
proactive tightening.patch

import.c | 41 30 + 11 - 0 !
misc.c | 23 23 + 0 - 0 !
misc.h | 2 2 + 0 - 0 !
sftp.c | 2 1 + 1 - 0 !
ssh.c | 128 97 + 31 - 0 !
sshdss.c | 2 1 + 1 - 0 !
sshpubk.c | 2 1 + 1 - 0 !
sshrsa.c | 2 1 + 1 - 0 !
unix/uxagentc.c | 3 1 + 2 - 0 !
windows/winpgnt.c | 41 23 + 18 - 0 !
10 files changed, 180 insertions(+), 66 deletions(-)

 proactive potentially-security-relevant tightening
 Tighten up a lot of casts from unsigned to int which are read by one of the
 GET_32BIT macros and then used as length fields.  Missing bounds checks
 against zero have been added, and also I've introduced a helper function
 toint() which casts from unsigned to int in such a way as to avoid C
 undefined behaviour, since I'm not sure I trust compilers any more to do
 the obviously sensible thing.
enforce dh range.patch

ssh.c | 7 7 + 0 - 0 !
ssh.h | 1 1 + 0 - 0 !
sshdh.c | 24 24 + 0 - 0 !
3 files changed, 32 insertions(+)

 Enforce acceptable range for Diffie-Hellman server value
 Florent Daigniere of Matta points out that RFC 4253 actually
 _requires_ us to refuse to accept out-of-range values, though it isn't
 completely clear to me why this should be a MUST on the receiving end.

 Matta considers this to be a security vulnerability, on the grounds
 that if a server should accidentally send an obviously useless value
 such as 1 then we will fail to reject it and agree a key that an
 eavesdropper could also figure out. Their id for this vulnerability is
 MATTA-2015-002.
ssh 1 key load length.patch

sshpubk.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 Fix an erroneous length field in SSH-1 key load
 We incremented buf by a few bytes, so we must decrement the
 corresponding length by the same amount, or else makekey() could
 overrun.

 Thanks to Patrick Coleman for the patch.
private key not wiped 2.patch

sshpubk.c | 18 14 + 4 - 0 !
1 file changed, 14 insertions(+), 4 deletions(-)

 add some missing memsets and sfrees
 The absence of these could have prevented sensitive private key
 information from being properly cleared out of memory that PuTTY tools
 had finished with.

 Thanks to Patrick Coleman for spotting this and sending a patch.
more robust control sequence parameter handling.patch

terminal.c | 49 43 + 6 - 0 !
terminal.h | 2 1 + 1 - 0 !
2 files changed, 44 insertions(+), 7 deletions(-)

 more robust control sequence parameter handling.