File: changelog

package info (click to toggle)
putty 0.74-1%2Bdeb11u2
links: PTS, VCS
area: main
in suites: bullseye
size: 13,020 kB
sloc: ansic: 114,140; python: 4,372; perl: 3,511; sh: 1,563; makefile: 167
file content (956 lines) | stat: -rw-r--r-- 36,875 bytes
putty (0.74-1+deb11u2) bullseye; urgency=medium

  * Non-maintainer upload.
  * Cherry-pick from upstream:
    - Refactor the ssh_hash vtable.
    - Add an extra HMAC constructor function.
    - Fix CVE-2024-31497: biased ECDSA nonce generation allows an attacker
      to recover a user's NIST P-521 secret key via a quick attack in
      approximately 60 signatures. In other words, an adversary
      may already have enough signature information to compromise a victim's
      private key, even if there is no further use of vulnerable PuTTY
      versions.

 -- Bastien Roucariès <rouca@debian.org>  Tue, 16 Jul 2024 10:13:59 +0000

putty (0.74-1+deb11u1) bullseye-security; urgency=medium

  * Cherry-pick from upstream:
    - CVE-2021-36367: New option to reject 'trivial' success of userauth
      (closes: #990901).
    - New macro PTRLEN_DECL_LITERAL.
    - Extra utility function add_to_commasep_pl.
    - CVE-2023-48795: Support OpenSSH's new strict kex feature (thanks to
      Simon Tatham for backporting assistance).
    Note that this does _not_ include upstream's added UI warning for
    servers vulnerable to Terrapin, which was too difficult to backport to
    this version.

 -- Colin Watson <cjwatson@debian.org>  Fri, 22 Dec 2023 17:36:21 +0000

putty (0.74-1) unstable; urgency=medium

  * New upstream release.
    - SECURITY: Key list from agent used after free if server rejects
      signature after PK_OK.
    - CVE-2020-14002: Dynamic host key policy leaks information about known
      host keys.

 -- Colin Watson <cjwatson@debian.org>  Sat, 27 Jun 2020 13:43:16 +0100

putty (0.73-3) unstable; urgency=medium

  * Cherry-pick from upstream:
    - pty_backend_create: set up SIGCHLD handler earlier (closes: #959396).

 -- Colin Watson <cjwatson@debian.org>  Fri, 08 May 2020 15:52:01 +0100

putty (0.73-2) unstable; urgency=medium

  * Cherry-pick from upstream:
    - gtkfont: use PANGO_PIXELS_CEIL to work out font metrics (fixes
      rendering regression at some font sizes with Pango 1.44).

 -- Colin Watson <cjwatson@debian.org>  Sun, 05 Apr 2020 12:22:42 +0100

putty (0.73-1) unstable; urgency=medium

  * New upstream release.

 -- Colin Watson <cjwatson@debian.org>  Sun, 29 Sep 2019 17:10:38 +0100

putty (0.72-2) unstable; urgency=medium

  * Use debhelper-compat instead of debian/compat.
  * Port mkicon.py to Python 3 and drop build-dependency on python (closes:
    #937380).

 -- Colin Watson <cjwatson@debian.org>  Sat, 31 Aug 2019 21:46:04 +0100

putty (0.72-1) unstable; urgency=medium

  * New upstream release.
  * Explicitly build-depend on python3, for test/cryptsuite.py.

 -- Colin Watson <cjwatson@debian.org>  Tue, 23 Jul 2019 10:49:47 +0100

putty (0.71-1) experimental; urgency=medium

  * Add new upstream release signing key to debian/upstream/signing-key.asc
    (see https://www.chiark.greenend.org.uk/~sgtatham/putty/keys.html).
  * New upstream release (see
    https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html).
    - Make "putty user@host" work (closes: #509194).

 -- Colin Watson <cjwatson@debian.org>  Wed, 20 Mar 2019 13:11:14 +0000

putty (0.70-6) unstable; urgency=high

  * Apply security patch series from upstream:
    - New facility for removing pending toplevel callbacks.
    - Fix one-byte buffer overrun in random_add_noise().
    - uxnet: clean up callbacks when closing a NetSocket.
    - sk_tcp_close: fix memory leak of output bufchain.
    - Fix handling of bad RSA key with n=p=q=0.
    - Sanity-check the 'Public-Lines' field in ppk files.
    - Introduce an enum of the uxsel / select_result flags.
    - Switch to using poll(2) in place of select(2).
    - RSA kex: enforce the minimum key length.
    - Fix crash on ESC#6 + combining chars + GTK + odd-width terminal.
    - Limit the number of combining chars per terminal cell.
    - minibidi: fix read past end of line in rule W5.
    - Fix crash printing a width-2 char in a width-1 terminal.

 -- Colin Watson <cjwatson@debian.org>  Sun, 17 Mar 2019 09:37:02 +0000

putty (0.70-5) unstable; urgency=medium

  [ Colin Watson ]
  * Mark all binary packages Multi-Arch: foreign.
  * Configure with --disable-git-commit to avoid a build failure due to
    trying to redefine SOURCE_COMMIT when building from the Debian git tree.
  * Cherry-pick from upstream:
    - Remove a fixed-size buffer in pscp.c (closes: #911955).
    - Remove a fixed-size buffer in cmdgen.c.
    - Stop using deprecated gtk_container_set_focus_chain().

  [ Niels Thykier ]
  * Declare the explicit requirement for (fake)root.

 -- Colin Watson <cjwatson@debian.org>  Sun, 28 Oct 2018 18:07:45 +0000

putty (0.70-4) unstable; urgency=medium

  * Cherry-pick from upstream:
    - Ignore spurious configure_area events, which caused a lot of
      flickering on GTK+ 3.

 -- Colin Watson <cjwatson@debian.org>  Thu, 05 Apr 2018 00:27:48 +0100

putty (0.70-3) unstable; urgency=medium

  * Use GDK_BACKEND x11 when built with X support (thanks, Andreas
    Henriksson; closes: #861603).

 -- Colin Watson <cjwatson@debian.org>  Tue, 03 Apr 2018 02:03:31 +0100

putty (0.70-2) unstable; urgency=medium

  * Move VCS to salsa.debian.org.
  * Cherry-pick from upstream:
    - Use gdk_display_beep() in place of obsolete gdk_beep() (closes:
      #891519).

 -- Colin Watson <cjwatson@debian.org>  Sun, 04 Mar 2018 18:20:39 +0000

putty (0.70-1) unstable; urgency=medium

  * New upstream release.

 -- Colin Watson <cjwatson@debian.org>  Sat, 08 Jul 2017 13:19:23 +0100

putty (0.69-2) unstable; urgency=medium

  * Update Homepage and debian/copyright download URL to use HTTPS.
  * Upload to unstable.

 -- Colin Watson <cjwatson@debian.org>  Sun, 18 Jun 2017 12:20:31 +0100

putty (0.69-1) experimental; urgency=medium

  * New upstream release.

 -- Colin Watson <cjwatson@debian.org>  Sat, 29 Apr 2017 13:14:57 +0100

putty (0.68-2) experimental; urgency=medium

  * Move pageant from putty-tools to putty, since it depends on GTK+
    (thanks, Dr. Markus Waldeck).

 -- Colin Watson <cjwatson@debian.org>  Sun, 02 Apr 2017 17:26:23 +0100

putty (0.68-1) experimental; urgency=medium

  * New upstream release.
    - Supports elliptic-curve cryptography for host keys, user
      authentication keys, and key exchange (closes: #854287).
    - Ported to GTK+ 3.
  * Use HTTPS URL in debian/watch.
  * Install Pageant, which is now ported to Unix.
  * Cherry-pick a set of upstream patches to get things working with GTK+
    3.22:
    - Handle GTK 3.22's deprecation of gdk_cairo_create().
    - Handle deprecation of gtk_menu_popup.
    - Use CSS to set window backgrounds with GTK+ 3.
    - Handle deprecation of gdk_screen_{width,height}.
    - Replace deprecated gtk_window_set_wmclass with raw Xlib.
    - Change Cairo image surface type from RGB24 to ARGB32.
  * Update download URL in debian/copyright (thanks, Dr. Markus Waldeck).

 -- Colin Watson <cjwatson@debian.org>  Sun, 02 Apr 2017 00:16:29 +0100

putty (0.67-3) unstable; urgency=high

  * CVE-2017-6542: Sanity-check message length fields in CHAN_AGENT input
    (thanks, Simon Tatham; closes: #857642).

 -- Colin Watson <cjwatson@debian.org>  Wed, 22 Mar 2017 14:42:13 +0000

putty (0.67-2) unstable; urgency=medium

  * Backport from upstream:
    - Add command-line passphrase-file options to command-line PuTTYgen.

 -- Colin Watson <cjwatson@debian.org>  Fri, 18 Mar 2016 22:32:33 +0000

putty (0.67-1) unstable; urgency=high

  * New upstream release.
    - CVE-2016-2563: Fix buffer overrun in the old-style SCP protocol
      (closes: #816921).

 -- Colin Watson <cjwatson@debian.org>  Sun, 06 Mar 2016 18:41:16 +0000

putty (0.66-4) unstable; urgency=medium

  * Use HTTPS for Vcs-* URLs, and link to cgit rather than gitweb.
  * Fix misleading-indentation and strict-aliasing warnings from GCC 6
    (closes: #811581).

 -- Colin Watson <cjwatson@debian.org>  Fri, 05 Feb 2016 13:47:21 +0000

putty (0.66-3) unstable; urgency=medium

  * Add a Homepage field.
  * Add Keywords fields to pterm.desktop and putty.desktop.
  * Build with large file support.

 -- Colin Watson <cjwatson@debian.org>  Mon, 04 Jan 2016 15:18:57 +0000

putty (0.66-2) unstable; urgency=medium

  * Fix dh_fixperms override to work properly with an
    architecture-independent-only build (closes: #806098).
  * Do much less work in architecture-independent-only builds.
  * Fix build failure on GNU/Hurd (closes: #805505).

 -- Colin Watson <cjwatson@debian.org>  Tue, 24 Nov 2015 17:10:21 +0000

putty (0.66-1) unstable; urgency=high

  * New upstream release.
    - CVE-2015-5309: Fix a potentially memory-corrupting integer overflow in
      the handling of the ECH (erase characters) control sequence in the
      terminal emulator.
  * Use dh-exec to remove the need to override dh_install.
  * Add OpenPGP signature checking configuration to watch file.

 -- Colin Watson <cjwatson@debian.org>  Sat, 07 Nov 2015 16:10:41 +0000

putty (0.65-2) unstable; urgency=medium

  * Backport from upstream:
    - Performance: cache character widths returned from Pango (closes:
      #792258).

 -- Colin Watson <cjwatson@debian.org>  Sun, 23 Aug 2015 18:47:52 +0100

putty (0.65-1) unstable; urgency=medium

  * New upstream release.

 -- Colin Watson <cjwatson@debian.org>  Tue, 28 Jul 2015 11:18:13 +0100

putty (0.64-1) unstable; urgency=medium

  * New upstream release.
    - Support sharing an SSH connection between multiple instances of PuTTY
      and its tools.
    - Add a command-line and config option to specify the expected host
      key(s).

 -- Colin Watson <cjwatson@debian.org>  Sun, 14 Jun 2015 11:03:52 +0100

putty (0.63-10) unstable; urgency=medium

  * Backport from upstream:
    - Make kh2reg.py compatible with modern Python.
    - MATTA-2015-002: Enforce acceptable range for Diffie-Hellman server
      value.
    - Fix an erroneous length field in SSH-1 key load.
    - CVE-2015-2157: Fix failure to clear sensitive private key information
      from memory (closes: #779488).

 -- Colin Watson <cjwatson@debian.org>  Sun, 01 Mar 2015 12:59:15 +0000

putty (0.63-9) unstable; urgency=medium

  * Backport from upstream (Simon Tatham):
    - Revert the default for font bolding style back to using colours rather
      than fonts (closes: #772948).

 -- Colin Watson <cjwatson@debian.org>  Sat, 13 Dec 2014 10:11:04 +0000

putty (0.63-8) unstable; urgency=medium

  * Backport from upstream (Simon Tatham), suggested by Jacob Nevins:
    - Fix incorrect handling of saved sessions with a dynamic SOCKS tunnel
      bound to a specific protocol (IPv4 or IPv6).

 -- Colin Watson <cjwatson@debian.org>  Sun, 12 Oct 2014 20:47:42 +0100

putty (0.63-7) unstable; urgency=medium

  * Build with all hardening options.  (Thanks, Markus.)

 -- Colin Watson <cjwatson@debian.org>  Sun, 24 Aug 2014 00:29:36 +0100

putty (0.63-6) unstable; urgency=medium

  * Backport two upstream patches to fix runaway timer explosions (closes:
    #758473).

 -- Colin Watson <cjwatson@debian.org>  Wed, 20 Aug 2014 21:05:52 +0100

putty (0.63-5) unstable; urgency=medium

  * Backport from upstream (Simon Tatham):
    - Fix an annoying timer-handling warning from current versions of GTK.

 -- Colin Watson <cjwatson@debian.org>  Mon, 21 Apr 2014 21:57:57 +0100

putty (0.63-4) unstable; urgency=medium

  * Backport from upstream (Simon Tatham):
    - Fix assertion failure in Unix PuTTYgen exports (LP: #1289176).

 -- Colin Watson <cjwatson@debian.org>  Tue, 08 Apr 2014 12:19:08 +0100

putty (0.63-3) unstable; urgency=medium

  * Use dh-autoreconf, with the aid of a few upstream patches to make things
    work with current autotools.
  * Backport upstream patch to add some assertions in sshzlib.c, fixing
    build with -O3.

 -- Colin Watson <cjwatson@debian.org>  Wed, 12 Mar 2014 12:07:04 +0000

putty (0.63-2) unstable; urgency=low

  * Support parallel builds.
  * Switch to git; adjust Vcs-* fields.

 -- Colin Watson <cjwatson@debian.org>  Wed, 08 Jan 2014 13:01:57 +0000

putty (0.63-1) unstable; urgency=low

  * New upstream release.
    - CVE-2013-4206: Buffer underrun in modmul could corrupt the heap.
    - CVE-2013-4852: Negative string length in public-key signatures could
      cause integer overflow and overwrite all of memory (closes: #718779).
    - CVE-2013-4207: Non-coprime values in DSA signatures can cause buffer
      overflow in modular inverse.
    - CVE-2013-4208: Private keys were left in memory after being used by
      PuTTY tools.
    - Allow using a bold colour and a bold font at the same time (closes:
      #193352).
    - Use a monotonic clock (closes: #308552).
  * Switch to the Autotools-based build system.
  * Upgrade to debhelper v9.

 -- Colin Watson <cjwatson@debian.org>  Wed, 07 Aug 2013 04:00:18 +0100

putty (0.62-11) unstable; urgency=low

  * Backport from upstream (Ben Harris, Simon Tatham):
    - Avoid function pointer comparison when using clang.

 -- Colin Watson <cjwatson@debian.org>  Tue, 04 Jun 2013 15:45:00 +0100

putty (0.62-10) unstable; urgency=low

  * Backport from upstream (Simon Tatham, closes: #701425):
    - Check the return values of setuid and friends.
    - Remove the half-hearted attempt to make the utmp helper process drop
      privileges just before dying of a fatal signal.

 -- Colin Watson <cjwatson@debian.org>  Mon, 25 Feb 2013 20:36:40 +0000

putty (0.62-9) unstable; urgency=low

  * Backport from upstream (Simon Tatham):
    - Fix handling of non-default numeric keypad modes when Num Lock is on
      (closes: #680261).

 -- Colin Watson <cjwatson@debian.org>  Thu, 23 Aug 2012 12:58:52 +0100

putty (0.62-8) unstable; urgency=low

  * Backport from upstream (Simon Tatham):
    - Support dead keys and compose sequences (closes: #221786, #250464).

 -- Colin Watson <cjwatson@debian.org>  Fri, 22 Jun 2012 15:18:51 +0100

putty (0.62-7) unstable; urgency=low

  * Add System category to pterm.desktop (closes: #678126).
  * Use dpkg-buildflags to enable hardening options.

 -- Colin Watson <cjwatson@debian.org>  Tue, 19 Jun 2012 13:28:15 +0100

putty (0.62-6) unstable; urgency=low

  * Backport from upstream (Simon Tatham, Jacob Nevins):
    - Generate keys more carefully, so that when the user asks for an n-bit
      key they always get an n-bit number instead of n-1.  The latter was
      perfectly harmless but kept confusing users (closes: #661152).

 -- Colin Watson <cjwatson@debian.org>  Sun, 04 Mar 2012 16:09:28 +0000

putty (0.62-5) unstable; urgency=low

  * Ignore failures to generate PNG icons too.

 -- Colin Watson <cjwatson@debian.org>  Wed, 08 Feb 2012 19:51:39 +0000

putty (0.62-4) unstable; urgency=low

  * Ignore failures to generate XPM icons.  It's not the end of the world,
    and this fails on kFreeBSD due to some apparently undiagnosed
    imagemagick bug.
  * Drop icon-debug.patch, since it didn't especially help anyway.

 -- Colin Watson <cjwatson@debian.org>  Wed, 08 Feb 2012 15:42:14 +0000

putty (0.62-3) unstable; urgency=low

  * Fix icon-debug.patch to print debug information to stderr, not stdout.

 -- Colin Watson <cjwatson@debian.org>  Tue, 03 Jan 2012 21:34:28 +0000

putty (0.62-2) unstable; urgency=low

  * Avoid deprecated GLib functions.
  * Add temporary debugging patch to try to figure out why the
    kfreebsd-amd64 build is failing.

 -- Colin Watson <cjwatson@debian.org>  Tue, 03 Jan 2012 18:14:45 +0000

putty (0.62-1) unstable; urgency=high

  * New upstream release.
    - [SECURITY] Wipe SSH keyboard-interactive replies from memory after
      authentication.

 -- Colin Watson <cjwatson@debian.org>  Mon, 12 Dec 2011 02:05:49 +0000

putty (0.61-2) unstable; urgency=low

  * Add cross-compiling support.

 -- Colin Watson <cjwatson@debian.org>  Tue, 27 Sep 2011 14:29:27 +0100

putty (0.61-1) unstable; urgency=low

  * New upstream release.
  * Update Vcs-* fields for Alioth changes.

 -- Colin Watson <cjwatson@debian.org>  Wed, 13 Jul 2011 15:26:33 +0100

putty (0.60+2011-05-09-1) unstable; urgency=low

  * New experimental development snapshot.
    - Compiles cleanly with GCC 4.6 (closes: #625113, #625426).
  * Consistently capitalise SSH in the package description when referring to
    the protocol (closes: #610486).

 -- Colin Watson <cjwatson@debian.org>  Mon, 09 May 2011 13:45:39 +0100

putty (0.60+2010-12-08-1) unstable; urgency=low

  * New experimental development snapshot.
    - Add more possible baud rates to the Unix serial backend (closes:
      #606328).
  * Add ${misc:Depends}.
  * Remove deprecated Encoding keys from desktop files.
  * Remove deprecated Application categories from desktop files.
  * Build with GSSAPI support (using run-time library binding).

 -- Colin Watson <cjwatson@debian.org>  Wed, 08 Dec 2010 17:54:50 +0000

putty (0.60+2010-02-20-1) unstable; urgency=low

  * New experimental development snapshot.
    - Console utilities send prompts to /dev/tty or failing that stderr, not
      to stdout (closes: #422295).
  * Upgrade to debhelper v7.
  * Move documentation from putty-tools to a new putty-doc package (closes:
    #472195).
  * Add a watch file.
  * Convert to source format 3.0 (quilt).  No remaining Debian patches!

 -- Colin Watson <cjwatson@debian.org>  Mon, 22 Feb 2010 01:01:22 +0000

putty (0.60+2009-11-22-1) unstable; urgency=low

  * New experimental development snapshot.
  * Moved to bzr.debian.org; add Vcs-Bzr and Vcs-Browser control fields.

 -- Colin Watson <cjwatson@debian.org>  Fri, 01 Jan 2010 14:50:45 +0000

putty (0.60+2009-08-22-3) unstable; urgency=low

  * Use x11.pc when compiling/linking against GTK (closes: #556125).

 -- Colin Watson <cjwatson@debian.org>  Mon, 23 Nov 2009 20:39:22 +0000

putty (0.60+2009-08-22-2) unstable; urgency=low

  * Rebuild manual pages with halibut 1.0+svn20090906-1, fixing option
    markers (see #496063).
  * Stop calling dh_desktop, as it's now a no-op thanks to dpkg triggers.

 -- Colin Watson <cjwatson@debian.org>  Mon, 07 Sep 2009 01:22:17 +0100

putty (0.60+2009-08-22-1) unstable; urgency=low

  * New experimental development snapshot.
    - Fix potential crash on "reget" in psftp.
    - Fix random seed behaviour in the absence of a seed file.
    - Support OpenSSH's method of specifying port numbers in known_hosts.
    - Improve Pango font handling performance.
  * Use dh_install, dh_installman, and dh_lintian, and use some other
    debhelper programs more effectively.
  * Upgrade to debhelper v6.

 -- Colin Watson <cjwatson@debian.org>  Tue, 25 Aug 2009 21:50:05 +0100

putty (0.60+2009-04-05-1) unstable; urgency=low

  * New experimental development snapshot.
    - Stop attempting to make session logs private on Unix. This was
      introduced in r7084 at the same time as sensible permissions when
      writing private key files; however, it causes an assertion failure
      whenever an attempt is made to append to an existing log file on Unix,
      and it's not clear what "is_private" *should* do for append, so revert
      to log file security being the user's responsibility (LP: #212711).
    - Cope with GTK+ 2.0 encoding keypress strings in the current locale
      rather than in ISO-8859-1 (closes: #517535).

 -- Colin Watson <cjwatson@debian.org>  Sun, 05 Apr 2009 22:42:02 +0100

putty (0.60+2009-02-22-1) unstable; urgency=low

  * New experimental development snapshot.
    - Uses GTK+ 2.0 (closes: #516641, LP: #271277) and as a result supports
      Unicode window titles (LP: #48781).
    - Fixes handling of trailing CR in key files (closes: #414784).
  * Disabled upstream Kerberos support for now, as it produces unwanted
    linkage in pterm and other binaries.

 -- Colin Watson <cjwatson@debian.org>  Mon, 23 Feb 2009 10:11:54 +0000

putty (0.60-4) unstable; urgency=low

  * Build-depend on x11proto-core-dev rather than x-dev (thanks, Lintian).
  * Backport from upstream (r8150, Jacob Nevins; closes: #503186,
    LP: #67488):
    - Fix for portfwd-addr-family: on Unix, when a tunnel is specified as
      "Auto" (rather than IPv4 or IPv6-only; this is the default), try to
      open up listening sockets on both address families, rather than
      (unhelpfully) just IPv6. (And don't open one if the other can't be
      bound, in a nod to CVE-2008-1483.) Based on a patch from Ben A L
      Jemmett.
  * Avoid problems with the -D_FORTIFY_SOURCE=2 default on Ubuntu by
    explicitly ignoring results from a number of calls to read, write, and
    fwrite. (This is pretty ham-handed and I've asked upstream whether they
    have any better ideas for any of these.)

 -- Colin Watson <cjwatson@debian.org>  Sun, 16 Nov 2008 22:06:59 +0000

putty (0.60-3) unstable; urgency=low

  * Move putty to Applications/Network/Communication menu sub-section.
  * Use dh_desktop.

 -- Colin Watson <cjwatson@debian.org>  Wed, 28 May 2008 09:28:32 +0100

putty (0.60-2) unstable; urgency=low

  * Update to section structure from menu 2.1.35.

 -- Colin Watson <cjwatson@debian.org>  Thu, 05 Jul 2007 12:19:47 +0100

putty (0.60-1) unstable; urgency=low

  * New upstream release (closes: #422935).
    - Pressing Ctrl+Break now sends a serial break signal in the serial back
      end, and in the SSH and Telnet backends it asks the server to do the
      same (if the server supports it). The previous Ctrl+Break behaviour
      can still be triggered with Ctrl-C.
    - You can now store a host name in the Default Settings.
    - In 0.59, it was possible to lock yourself out of the configuration
      dialog by configuring a serial connection in Default Settings. This
      should no longer be possible.
    - We've had reports of the error message `Unable to read from standard
      input' in Plink 0.59. We've found and fixed one cause of this message,
      and added better diagnostics in case there are others.
    - 0.59 could emit malformed SSH-2 packets that upset some servers (such
      as Foundry routers). Fixed.

 -- Colin Watson <cjwatson@debian.org>  Thu, 10 May 2007 10:30:25 +0100

putty (0.59-3) experimental; urgency=low

  * Build-depend on python for icon generation (closes: #409115).

 -- Colin Watson <cjwatson@debian.org>  Wed, 31 Jan 2007 08:45:16 +0000

putty (0.59-2) experimental; urgency=low

  * Build-depend on imagemagick for icon generation.

 -- Colin Watson <cjwatson@debian.org>  Tue, 30 Jan 2007 12:53:24 +0000

putty (0.59-1) experimental; urgency=low

  * New upstream release.
    - PuTTY can now connect to a local serial port, as an alternative to
      making a network connection.
    - Support for password expiry in SSH-2.
    - Various performance improvements and cryptography upgrades.
    - The file transfer utilities PSCP and PSFTP now support files bigger
      than 2Gb (provided the underlying operating system does too).
    - Numerous other small bug fixes, including:
     + Return a well-formed response containing the empty string by default
       in response to a remote window title query (closes: #229232).
     + Remove the loops that close all open fds before running a subprocess.
       They were intended to make sure the child process didn't inherit
       anything embarrassing or inconvenient from us, such as the master end
       of its own pty, but now we instead do this by making sure to set all
       our own fds to not-FD_CLOEXEC on creation (closes: #357520).
     + Save private keys and session logs such that they're only readable by
       the owner (closes: #400804).
     + psftp: Fix double-free on mkdir (closes: #406090).
  * Update debian/copyright.
  * Install kh2reg.py in /usr/share/doc/putty-tools/examples
    (closes: #400806).
  * Install new pterm and putty icons.
  * Use transparency for GTK 1 window icons.

 -- Colin Watson <cjwatson@debian.org>  Mon, 29 Jan 2007 21:38:53 +0000

putty (0.58-5) unstable; urgency=low

  * Remove Icon= from putty and pterm desktop files, as there are no icons
    yet.

 -- Colin Watson <cjwatson@debian.org>  Mon, 17 Jul 2006 10:21:38 +0100

putty (0.58-4) unstable; urgency=low

  * Add desktop files for putty and pterm (thanks, Barry deFreese via
    Ubuntu; closes:
    https://launchpad.net/distros/ubuntu/+source/putty/+bug/29716).
  * Fix display timeouts on 64-bit systems (thanks, Peter Maydell;
    closes: #336390).

 -- Colin Watson <cjwatson@debian.org>  Sat, 15 Apr 2006 10:52:28 +0100

putty (0.58-3) unstable; urgency=low

  * Dynamically allocate memory passed to putenv() in pty_init() and don't
    free it, otherwise TERM ends up unset.

 -- Colin Watson <cjwatson@debian.org>  Fri, 15 Jul 2005 11:52:10 +0100

putty (0.58-2) unstable; urgency=low

  * Fix warnings with gcc-4.0 (closes: #287960).
  * Upgrade to debhelper compatibility level 4; level 2 is deprecated.

 -- Colin Watson <cjwatson@debian.org>  Fri, 15 Jul 2005 11:08:53 +0100

putty (0.58-1) unstable; urgency=low

  * New upstream release (closes: #303296).
    - Wildcards (mput/mget) and recursive file transfer in PSFTP
      (closes: #254578).
    - You can now save your session details from the Change Settings dialog
      box, _after_ you've started your session.
    - Various improvements to Unicode support, including:
      + support for right-to-left and bidirectional text (Arabic, Hebrew
        etc).
      + support for Arabic text shaping.
      + support for Unicode combining characters.
    - Support for the xterm 256-colour control sequences.
    - Port forwardings can now be reconfigured in mid-session.
    - Support for IPv6.
    - More configurability and flexibility in SSH-2 key exchange. In
      particular, PuTTY can now initiate repeat key exchange during the
      session, which means that if your server doesn't initiate it (OpenSSH
      is known not to bother) you can still have the cryptographic benefits.
    - Display artefacts caused by characters overflowing their character
      cell should now all be gone. (This would probably have bothered
      Windows ClearType users more than anyone else.)
    - Keepalives are now supported everywhere.
    - Miscellaneous improvements for CJK/IME users.
    - New pterm timing code, reducing idle CPU usage (closes: #204811).
  * Build-depend on x-dev and libx11-dev rather than the transitional
    xlibs-dev package.

 -- Colin Watson <cjwatson@debian.org>  Sun, 10 Apr 2005 12:47:35 +0100

putty (0.57-1) unstable; urgency=high

  * New upstream release, fixing pscp/psftp security holes exploitable by a
    malicious server after host key verification (closes: #296144).
    - [SECURITY] Fix heap corruption vulnerability in handling of response
      to SFTP FXP_READDIR request.
    - [SECURITY] Fix heap corruption vulnerability in handling of SFTP
      string fields.

 -- Colin Watson <cjwatson@debian.org>  Sun, 20 Feb 2005 22:49:28 +0000

putty (0.56-1) unstable; urgency=high

  * New upstream release.
    - [SECURITY] A vulnerability discovered by iDEFENSE, potentially
      allowing arbitrary code execution on the client by a malicious server
      before host key verification, has been fixed (closes: #278414).
    - Ability to restart a session within an inactive window, via a new menu
      option.
    - Minimal support for not running a shell or command at all in SSH
      protocol 2 (equivalent to OpenSSH's `-N' option). PuTTY/Plink still
      provide a normal window for interaction, and have to be explicitly
      killed.
    - Transparent support for CHAP cryptographic authentication in the SOCKS
      5 proxy protocol.
    - More diagnostics in the Event Log, particularly of SSH port
      forwarding.
    - Ability to request setting of environment variables in SSH (protocol 2
      only).
    - Ability to send POSIX signals in SSH (protocol 2 only) via the
      `Special Commands' menu.
    - Bug fix: The PuTTY tools now more consistently support usernames
      containing `@' signs.
    - Support for the Polish character set `Mazovia'.
    - When logging is enabled, the log file is flushed more frequently, so
      that its contents can be viewed before it is closed.
    - More flexibility in SSH packet logging: known passwords and session
      data can be omitted from the log file. Passwords are omitted by
      default. (This option isn't perfect for removing sensitive details;
      you should still review log files before letting them out of your
      sight.)
    - Ability to set environment variables in pterm.
    - PuTTY and pterm attempt to use a UTF-8 line character set by default
      if this is indicated by the locale; however, this can be overridden.
    - Fix build failure on amd64 due to ut_time's size (closes: #265910).
    - Fix blinking line cursors (closes: #272877).
  * Install HTML documentation in /usr/share/doc/putty-tools, and make putty
    depend on putty-tools for the documentation (closes: #278094).

 -- Colin Watson <cjwatson@debian.org>  Tue, 26 Oct 2004 22:20:17 +0100

putty (0.55-1) unstable; urgency=high

  * New upstream release.
    - [SECURITY] A vulnerability discovered by Core Security Technologies
      (advisory number CORE-2004-0705), potentially allowing arbitrary code
      execution on the client by a malicious server before host key
      verification, has been fixed.
    - General robustness of the SSH1 implementation has been improved, which
      may have fixed further potential security problems although we are not
      aware of any specific ones.
    - A terminal speed is now sent to the SSH server.
    - Removed a spurious diagnostic message in Plink.
    - The `-load' option in PSCP and PSFTP should work better.
    - X forwarding can now talk to Unix sockets as well as TCP sockets
      (closes: #251257).
    - Various crashes and assertion failures fixed.

 -- Colin Watson <cjwatson@debian.org>  Wed,  4 Aug 2004 01:43:20 +0100

putty (0.54-2) unstable; urgency=low

  * Upstream man page fixes:
    - putty(1): Remove claim that there's no Unix puttygen.
    - plink(1): Tart up, fix outright lies, mention web docs.
    - Add (probably frustratingly) bare-bones man pages for pscp and psftp.
  * debian/pterm.menu, debian/putty.menu: Quote 'needs' and 'section'
    arguments.
  * Policy version 3.5.9: no changes required. Deferring 3.5.10 and above
    until I've looked into 'x-terminal-emulator -e' compatibility.

 -- Colin Watson <cjwatson@debian.org>  Fri, 27 Feb 2004 02:39:26 +0000

putty (0.54-1) unstable; urgency=low

  * New upstream release. First official Unix release!

 -- Colin Watson <cjwatson@debian.org>  Sat, 14 Feb 2004 12:31:33 +0000

putty (0.53-b-2004-01-25-1) unstable; urgency=low

  * New upstream snapshot.
    - puttygen is now implemented, and is part of putty-tools.

 -- Colin Watson <cjwatson@debian.org>  Sun, 25 Jan 2004 20:37:02 +0000

putty (0.53-b-2003-10-12-1) unstable; urgency=low

  * New upstream release.
    - Plink, PSCP, and PSFTP are now ready for prime-time. Create a new
      putty-tools package for them.
    - Possibly fix intermittent "Unable to load private key" errors with SSH
      protocol 2 (see #194067).
  * Advertise UTF-8 support in pterm's description.

 -- Colin Watson <cjwatson@debian.org>  Sun, 12 Oct 2003 22:46:16 +0100

putty (0.53-b-2003-08-23-2) unstable; urgency=low

  * Fix -DSNAPSHOT calculation for NMU-style-versioned packages (thanks,
    Owen Dunn).

 -- Colin Watson <cjwatson@debian.org>  Sun, 31 Aug 2003 14:22:59 +0100

putty (0.53-b-2003-08-23-1) unstable; urgency=low

  * New upstream snapshot. Among other things:
    - Fix a (non-security-critical) segfault in PuTTY's zlib code.
    - Selection handling improved: selection timestamps are set more
      accurately and X cut buffers are supported.
    - Shadow bold can be requested explicitly.

 -- Colin Watson <cjwatson@debian.org>  Sun, 24 Aug 2003 00:03:28 +0100

putty (0.53-b-2003-05-14-1) unstable; urgency=low

  * New upstream snapshot, including:
    - Redraw the window border when the window background colour is
      reconfigured mid-session (closes: #193013).
    - Rename crc32() to crc32_compute(), to avoid clashing with zlib
      (closes: #192309).
    - Allow pterm to receive and understand COMPOUND_TEXT selections,
      including character set conversion where necessary (closes: #192307).

 -- Colin Watson <cjwatson@debian.org>  Wed, 14 May 2003 02:29:47 +0100

putty (0.53-b-2003-05-13-1) unstable; urgency=low

  * New upstream snapshot.
    - Fix spin on exit with +ut, due to a stale file descriptor hanging
      around and getting closed later when it had become claimed by GTK
      (closes: #166396).
    - Add putty(1) man page (closes: #190570).

 -- Colin Watson <cjwatson@debian.org>  Tue, 13 May 2003 03:34:56 +0100

putty (0.53-b-2003-05-11-1) unstable; urgency=low

  * New upstream snapshot, including:
    - Fix uninitialized value warning on arm (closes: #192674).
    - Fix int <=> pointer casting problems on alpha/ia64 (closes: #192701).
    - Restore -T option to pterm (closes: #191750).
    - Document NoRemoteQTitle resource and fix window versus icon title
      reporting (closes: #191751).
    - pterm will now attempt to guess suitable names for any missing fonts
      from the ones given; so it'll ask for a font twice as wide as your
      base one if you don't specify a wide font, it'll ask for a bolded
      version of your base font if you don't specify a bold font, and
      similarly for a wide/bold font.
    - Remove now-incorrect claim from pterm(1) that Unicode is not supported
      (with the last two changes, this closes: #187389).

 -- Colin Watson <cjwatson@debian.org>  Sun, 11 May 2003 02:22:57 +0100

putty (0.53-b-2003-04-28-1) unstable; urgency=low

  * New upstream snapshot.
    - Fixes SIGPIPE blocking in pterm.

 -- Colin Watson <cjwatson@debian.org>  Mon, 28 Apr 2003 17:20:55 +0100

putty (0.53-b-2003-04-24-1) unstable; urgency=low

  * New upstream snapshot.
    - PuTTY itself is now available for Unix, and packaged.
    - Compiled with optimization by default; several compiler warnings and
      bugs fixed as a result.
  * Set snapshot version number for the benefit of the About box.

 -- Colin Watson <cjwatson@debian.org>  Thu, 24 Apr 2003 14:24:34 +0100

putty (0.53-b-2003-03-07-1) unstable; urgency=low

  * New upstream snapshot.
    - Sets WINDOWID, so that for example w3m inline images stand a better
      chance of appearing in the correct window.

 -- Colin Watson <cjwatson@debian.org>  Fri,  7 Mar 2003 01:41:58 +0000

putty (0.53-b-2003-01-04-1) unstable; urgency=low

  * New upstream snapshot.
    - Version number tweaked slightly; it's really 0.53b-2003-01-04-1, but
      that compares less than 0.53-2002-11-08-1.
    - Supports UTF-8; just tell it to use a font in the iso10646-1 encoding.
  * Update copyright dates in debian/copyright to match LICENCE.
  * Just build pterm. No need to bother building plink as well when it's not
    part of a binary package.

 -- Colin Watson <cjwatson@debian.org>  Sat,  4 Jan 2003 16:58:48 +0000

putty (0.53-2002-11-08-1) unstable; urgency=low

  * New upstream snapshot.
    - Uses the right kinds of dashes in pterm(1) (closes: #167761).
    - Stops at the right point when encountering an error parsing the
      command line (closes: #167787).
  * Document the utmp helper process in README.Debian (closes: #168016).

 -- Colin Watson <cjwatson@debian.org>  Fri,  8 Nov 2002 19:28:32 +0000

putty (0.53-2002-11-03-1) unstable; urgency=low

  * New upstream snapshot.
    - Switches the default shadow bold offset to +1, which Crispin has been
      complaining about.
    - plink has been ported, but isn't packaged yet.

 -- Colin Watson <cjwatson@debian.org>  Mon,  4 Nov 2002 00:15:03 +0000

putty (0.53-2002-10-26-1) unstable; urgency=low

  * New upstream snapshot.
    - Set background colour to avoid redraw flicker (closes: #165888).
    - CloseOnExit: 0 responds to keypresses as it claims (closes: #166397).

 -- Colin Watson <cjwatson@debian.org>  Sat, 26 Oct 2002 01:34:33 +0100

putty (0.53-2002-10-24-1) unstable; urgency=low

  * New upstream snapshot.
    - Reap utmp helper zombie process when +ut is used (closes: #165887).
  * Install pterm setgid utmp so that it can make entries in the utmp and
    wtmp files, and add a lintian override for this.

 -- Colin Watson <cjwatson@debian.org>  Thu, 24 Oct 2002 00:47:54 +0100

putty (0.53-2002-10-17-2) unstable; urgency=low

  * I used to be able to package things well, honest ...
  * Add menu file.
  * Register an alternative for x-terminal-emulator.

 -- Colin Watson <cjwatson@debian.org>  Tue, 22 Oct 2002 01:06:45 +0100

putty (0.53-2002-10-17-1) unstable; urgency=low

  * Initial release, from upstream source snapshot.
  * I've put the source package in the net section because that probably
    fits PuTTY as a whole better, but I've put the pterm binary package in
    the x11 section. Go figure.

 -- Colin Watson <cjwatson@debian.org>  Fri, 18 Oct 2002 14:58:42 +0100