-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 16 Jul 2024 10:13:59 +0000 Source: putty Binary: pterm pterm-dbgsym putty putty-dbgsym putty-tools putty-tools-dbgsym Architecture: armel Version: 0.74-1+deb11u2 Distribution: bullseye Urgency: medium Maintainer: arm Build Daemon (arm-arm-01) Changed-By: Bastien Roucariès Description: pterm - PuTTY terminal emulator putty - Telnet/SSH client for X putty-tools - command-line tools for SSH, SCP, and SFTP Changes: putty (0.74-1+deb11u2) bullseye; urgency=medium . * Non-maintainer upload. * Cherry-pick from upstream: - Refactor the ssh_hash vtable. - Add an extra HMAC constructor function. - Fix CVE-2024-31497: biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. Checksums-Sha1: 5ea876142d04712a595132f7a228ee0df8bd2d9e 657756 pterm-dbgsym_0.74-1+deb11u2_armel.deb c786e0279b679f9d2d637a6071127ffcc5bf95f2 190288 pterm_0.74-1+deb11u2_armel.deb 0614eac0e4aa12e95f788b8d98136349d61b7dbc 2093576 putty-dbgsym_0.74-1+deb11u2_armel.deb beb89dc619e2c1e389e8cc67c3e3688605feede6 3602444 putty-tools-dbgsym_0.74-1+deb11u2_armel.deb 1b87a759b538336808b481b9abacfab05dd50dcc 362380 putty-tools_0.74-1+deb11u2_armel.deb 60481e7653cbcf281d2f2f9e49928f3892750ac3 15939 putty_0.74-1+deb11u2_armel-buildd.buildinfo 84d163903d8e5c62cd062f0dee9344de8fc34671 384228 putty_0.74-1+deb11u2_armel.deb Checksums-Sha256: 318dc4a929153f05cf73f0ff1b03b57573340b017285f301e0622b4310f41b98 657756 pterm-dbgsym_0.74-1+deb11u2_armel.deb cb504930591351b2e7a55907ef3ac81e1add3f03d9b2f4b8682df32996cab724 190288 pterm_0.74-1+deb11u2_armel.deb 3a5abe4125dab31db6a6a0514d4936ca76148605b3ee3ff1261d1c5698f786ab 2093576 putty-dbgsym_0.74-1+deb11u2_armel.deb fbe094417714d377e1d05ba055251d59b880c2643ead8e63d50ada5706d76871 3602444 putty-tools-dbgsym_0.74-1+deb11u2_armel.deb 60c7f4c0f068f662573a77495e6f7e9cca7fea99319f51bc3f6eee5368c4529d 362380 putty-tools_0.74-1+deb11u2_armel.deb 7c6354f9150debe283cb3090a9323753f065b9cfd1db3bd354247ccb07855ea3 15939 putty_0.74-1+deb11u2_armel-buildd.buildinfo dd150081b4ec8718c066df22f74ae95e48193d0ea45aa00fc3a1fc7ed36cccb3 384228 putty_0.74-1+deb11u2_armel.deb Files: e192c57ee530ec259385789e5df2e274 657756 debug optional pterm-dbgsym_0.74-1+deb11u2_armel.deb aec492fc57a7bd4615f32f9191b974c3 190288 x11 optional pterm_0.74-1+deb11u2_armel.deb 5c9b2aa2cfac66b70169e71ae7c2dcbc 2093576 debug optional putty-dbgsym_0.74-1+deb11u2_armel.deb ac8337be19f704c95d883707efc38f71 3602444 debug optional putty-tools-dbgsym_0.74-1+deb11u2_armel.deb 5186dd0cf3bf1dc1f47dc5ab21280201 362380 net optional putty-tools_0.74-1+deb11u2_armel.deb 3aea5dc78f257cb20e802bb0d3ae8056 15939 net optional putty_0.74-1+deb11u2_armel-buildd.buildinfo 890df0c3164c8cbb0455ca4c529f730c 384228 net optional putty_0.74-1+deb11u2_armel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEELfAsbDZr65zRgOsKct6XE2dptMYFAma4p8kACgkQct6XE2dp tMY5aw//SiZSZh6fTH4Q8Rxy7zDcDNC+EivUMX1vY2SOvgeps+N1qNQpMphUsZH+ jemRd3xrKr6miBtk+OPPwiFo+GF+E0pUrbxjgdWDNGrkpoZiQVNcuWYvDJx6voVC JAce3VBrMGRF/vmUTyaNcZbhMiSR1kmlvARLh4zpZQdmDfPagCSrbA4YO/fmEIn7 qQDdS1SAPGylIPwtWOA8i8zSE3RGK4rZxtRD9YBg049hGgv7PSlAa+0AWmG3fC4y WUxWkj/25U++1t/zu98O0UQUVuxMCqrauGBlcRJ/ZTu1DT+ZaF9lHguZ+bCblvaP gTbWtfEjWWJRnAyZZvx1Jcq/r1l5xwiFMX+Qe2yIYJcqFd07zTCyFkjmUlG44lr6 lG5A7rSomzUONYLuUp2ubtjw18OLXcv3sLMoPDlRPpIyml5oPdNSCVs1/pesd/3s Itc6dribMMqYy8l28rDWWSPTNqVwtqeH62RMlzYs9gJo6QKXCLdcmrNGcf9LHC9B 9DZdkzpNR3H0ahCrmH1YpER8ZTvHQsFGQQRoHSvjlQ94ZizuVLmSxDT1YDm8lMBC dNMjKr6RUsY4lsySdLrXV10zgkLN/H9DcfhHnPmryBatrm5/KEAzXlD4ga7iJCHk 39SrtlC8ct9LrzgfywjjhaAW0x2c7vmH0nUyhJ7VKxnAMp3SRB0= =3p9j -----END PGP SIGNATURE-----