Date: Sat, 20 Jul 2019 16:13:26 +0000 (UTC) From: Matthias Andree <mandree@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r507000 - head/security/vuxml Message-ID: <201907201613.x6KGDQ0S044718@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mandree Date: Sat Jul 20 16:13:25 2019 New Revision: 507000 URL: https://svnweb.freebsd.org/changeset/ports/507000 Log: Document PuTTY < 0.72 vulnerabilities. Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Sat Jul 20 16:12:02 2019 (r506999) +++ head/security/vuxml/vuln.xml Sat Jul 20 16:13:25 2019 (r507000) @@ -58,6 +58,56 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="5914705c-ab03-11e9-a4f9-080027ac955c"> + <topic>PuTTY 0.72 -- buffer overflow in SSH-1 and integer overflow in SSH client</topic> + <affects> + <package> + <name>putty</name> <range><lt>0.72</lt></range> + </package><package> + <name>putty-gtk2</name> <range><lt>0.72</lt></range> + </package><package> + <name>putty-nogtk</name> <range><lt>0.72</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Simon Tatham reports:</p> + <blockquote cite="https://lists.tartarus.org/pipermail/putty-announce/2019/000028.html">; + <p>Vulnerabilities fixed in this release include:</p> + <ul> + <li>A malicious SSH-1 server could trigger a buffer overrun by sending + extremely short RSA keys, or certain bad packet length fields. + Either of these could happen before host key verification, so even + if you trust the server you *intended* to connect to, you would + still be at risk. + <br/> + (However, the SSH-1 protocol is obsolete, and recent versions of + PuTTY do not try it by default, so you are only at risk if you work + with old servers and have explicitly configured SSH-1.)</li> + <li>If a malicious process found a way to impersonate Pageant, then it + could cause an integer overflow in any of the SSH client tools + (PuTTY, Plink, PSCP, PSFTP) which accessed the malicious Pageant.</li> + </ul> + <p>Other security-related bug fixes include:</p> + <ul> + <li>The 'trust sigil' system introduced in PuTTY 0.71 to protect + against server spoofing attacks had multiple bugs. Trust sigils + were not turned off after login in the SSH-1 and Rlogin protocols, + and not turned back on if you used the Restart Session command. + Both are now fixed.</li> + </ul> + </blockquote> + </body> + </description> + <references> + <url>https://lists.tartarus.org/pipermail/putty-announce/2019/000028.html</url>; + </references> + <dates> + <discovery>2019-07-14</discovery> + <entry>2019-07-20</entry> + </dates> + </vuln> + <vuln vid="df3db21d-1a4d-4c78-acf7-4639e5a795e0"> <topic>jenkins -- multiple vulnerabilities</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201907201613.x6KGDQ0S044718>