-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 16 Jul 2024 10:13:59 +0000 Source: putty Binary: pterm pterm-dbgsym putty putty-dbgsym putty-tools putty-tools-dbgsym Architecture: armhf Version: 0.74-1+deb11u2 Distribution: bullseye Urgency: medium Maintainer: arm Build Daemon (arm-arm-01) Changed-By: Bastien Roucariès Description: pterm - PuTTY terminal emulator putty - Telnet/SSH client for X putty-tools - command-line tools for SSH, SCP, and SFTP Changes: putty (0.74-1+deb11u2) bullseye; urgency=medium . * Non-maintainer upload. * Cherry-pick from upstream: - Refactor the ssh_hash vtable. - Add an extra HMAC constructor function. - Fix CVE-2024-31497: biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. Checksums-Sha1: 79aef03241e5ce0d6c8a105aa6211a3a61242151 669920 pterm-dbgsym_0.74-1+deb11u2_armhf.deb c690cc67a5f32821e8feba18d958599d53f39c22 194112 pterm_0.74-1+deb11u2_armhf.deb 8931470771ba4d6dd28f46bb3ee55f9dbc2b1a3a 2133780 putty-dbgsym_0.74-1+deb11u2_armhf.deb 28206671796718d3e5db2aea16ee5958149775d3 3678160 putty-tools-dbgsym_0.74-1+deb11u2_armhf.deb 33ec06e8769e9c91a139ca1c883554f6f247c373 371796 putty-tools_0.74-1+deb11u2_armhf.deb 18656ebec7ab10044633dedc235b063c6acffac9 15941 putty_0.74-1+deb11u2_armhf-buildd.buildinfo 2955d705ecb758e25487364ab51a4c3e613e67c0 394080 putty_0.74-1+deb11u2_armhf.deb Checksums-Sha256: 0530a36d8f17fabd6fbba19d46c501dfe29c0dda0622f7671cb22292bd14df5d 669920 pterm-dbgsym_0.74-1+deb11u2_armhf.deb 9e96721eab0937b86e50e543bcf3f0153e5a5b5ce90cc6eb00b6d4447651469b 194112 pterm_0.74-1+deb11u2_armhf.deb d7c9d33e8e1a6b0b28e121439debb5d1dbb25ac80736541eb6cdf9e041ae53f1 2133780 putty-dbgsym_0.74-1+deb11u2_armhf.deb 0052c456a41af0f658188ddc700bc53a417214e5a423daf4e9e6797a3b536b3b 3678160 putty-tools-dbgsym_0.74-1+deb11u2_armhf.deb d320b8247aab9bc8d953ea7107c2f815b3bb88b55902a165bc76babdba1a6bd1 371796 putty-tools_0.74-1+deb11u2_armhf.deb 9bcb82489f60153144bc5f3a8ba4afb4792ee413532040bc7001b429695cd194 15941 putty_0.74-1+deb11u2_armhf-buildd.buildinfo 00e30ab1fe4d4219838a223cbadd69e8619cdc005428d32aae641dfe28d0619d 394080 putty_0.74-1+deb11u2_armhf.deb Files: cc3a7353b99c5a428d39acfc0ca0f0d6 669920 debug optional pterm-dbgsym_0.74-1+deb11u2_armhf.deb 21d9f9ba323c59db0b42795b082c4596 194112 x11 optional pterm_0.74-1+deb11u2_armhf.deb 3897f8b7199004e507a97ac37bdb9ee8 2133780 debug optional putty-dbgsym_0.74-1+deb11u2_armhf.deb eae25c702d9b5bc79ea0c6c5cf1fe289 3678160 debug optional putty-tools-dbgsym_0.74-1+deb11u2_armhf.deb 150d26615e732d5cc511797942872c2d 371796 net optional putty-tools_0.74-1+deb11u2_armhf.deb f3dcb91f48dc31f2d8003e81f69b6782 15941 net optional putty_0.74-1+deb11u2_armhf-buildd.buildinfo 0c8f94b1a8012cfe913acaeff85f9671 394080 net optional putty_0.74-1+deb11u2_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEELfAsbDZr65zRgOsKct6XE2dptMYFAma4py0ACgkQct6XE2dp tMZF2g/+ImCnvKfJhJkigX57UDW+TTLZjCnpxzz1+GE5Ap0BACujWOJEUZb4BZG6 rn6W0WmBClrDAueXU19jtGYBOSysDig5yjdk7m2gSAzOQEwZhAb/5XV47WsT5yTK Sab98FbVLPbM5qAUUBS1OzMHIhrn3sPMp5XHnwuEKpJt2vovSk8ROKKTdJQZ+ymF nScLOmlEoOH8Xe+AzpuvekGfoSo5iEkqiXzBWygrs8Rpz+H+d7MK1igJY0KgmnXm XVo0zU/guiBnQu/O9jy8/MdTXYDjvBeghiJgtQtBASVluga7F6JDtYM+PsSfJHZf jj+D0+6O/b4AEVkh4kvuwrR7Uf6JPWvpWLUKbJwXwep+3tUwJE4a0GLKzLwpY3VS 3iXQQRJoO5IR8sdBmMM1p+d7ZwnValHteMOdTzQVCtGaLFvK2m3tCOBoHc0br7Jl xqOuDkN0GV/16ZBsDLVSFF9krGWNYakrexTNe1gcQLV/S38Nhj5wGEX6zuEpE2UF ZqdFNdijbgXEyAz3BizklIYxTpw4g5gj6GN8AAG0OWtk1SwGJlwjisQa+9T+pGW2 SXRirB+Udz78XIUuQJLI4D4qxvKOsORPQG37PDSXHiW34lmRmF3jZNYJ/R1rgZ2b DnXcST9yHouUyXU2Rye0yFAd39KKEoIvQQPQChxXNFRdbGXv8Vo= =KGYC -----END PGP SIGNATURE-----