lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 3 Apr 2019 19:46:49 +0000
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 4423-1] putty security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4423-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
April 03, 2019                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : putty
CVE ID         : CVE-2019-9894 CVE-2019-9895 CVE-2019-9897 CVE-2019-9898

Multiple vulnerabilities were found in the PuTTY SSH client, which could
result in denial of service and potentially the execution of arbitrary
code. In addition, in some situations random numbers could potentially be
re-used.

For the stable distribution (stretch), these problems have been fixed in
version 0.67-3+deb9u1.

We recommend that you upgrade your putty packages.

For the detailed security status of putty please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/putty

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlylDSMACgkQEMKTtsN8
Tja0aA//cRTui9IZgdBXvbxdIQZ126wL5lucowRDsqJmqPLYh03PBsEymlthQA1H
KK3/qyPHxJ+igkiQ/fL8v2mAMJz5nBF/emGsfUfxBWo/XWNqscVeulOlB5c9WRjN
Nqmhq6N13IyIeUf2F5y/Wx53VxIsickDWrwZLPIWtKsl/OJ4ih5KiFMx14Jl2FS9
+pZlzhAYCf1j7b7+fhLPPSMA6AXeaQbwzKcSnkd7eQ4GOzER1QVlfeQw/HGaQAV7
COB54LgGjoUJceY0ei0QPEgXNPaD7Jj/n2GQrP5jxjuLcnv78A8EJ04Vz3kJW00c
GAh3nC/gHECR+J1sFWvI7r50Fcg5XQiQ/XLk8z2dYaQnJvtZX5/zrbtpbdIJywV3
Tqso7WpSqlCK2dFnqPY5ewI4jdm94G2qbvBiexWOXIrnNA3epZiP4/v3Z2AK63z6
aKPEXo5zZdppSc4ufm3FdTmd83Bwbv15PVEoezz2AechigzxobM4PpO7GQEdMkSV
Bq5LpACHjP1b+47jKCb5qEdt5grK5Ibv7YV5l+mTrMywx+K3nIPW77NixtDiqXal
O2cXOqmB0e5Ribp7uAIA6/Db1QoXxObcXHBB71YrNO+qHLCD16WRakRRFQehoyWX
d1cUG7t7zz1im/LLTfuZB4usMqGCiE3ubAYMqmFb81SWPbrmJEs=
=NV3Q
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists