[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 4423-1] putty security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4423-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
April 03, 2019                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : putty
CVE ID         : CVE-2019-9894 CVE-2019-9895 CVE-2019-9897 CVE-2019-9898

Multiple vulnerabilities were found in the PuTTY SSH client, which could
result in denial of service and potentially the execution of arbitrary
code. In addition, in some situations random numbers could potentially be
re-used.

For the stable distribution (stretch), these problems have been fixed in
version 0.67-3+deb9u1.

We recommend that you upgrade your putty packages.

For the detailed security status of putty please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/putty

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlylDSMACgkQEMKTtsN8
Tja0aA//cRTui9IZgdBXvbxdIQZ126wL5lucowRDsqJmqPLYh03PBsEymlthQA1H
KK3/qyPHxJ+igkiQ/fL8v2mAMJz5nBF/emGsfUfxBWo/XWNqscVeulOlB5c9WRjN
Nqmhq6N13IyIeUf2F5y/Wx53VxIsickDWrwZLPIWtKsl/OJ4ih5KiFMx14Jl2FS9
+pZlzhAYCf1j7b7+fhLPPSMA6AXeaQbwzKcSnkd7eQ4GOzER1QVlfeQw/HGaQAV7
COB54LgGjoUJceY0ei0QPEgXNPaD7Jj/n2GQrP5jxjuLcnv78A8EJ04Vz3kJW00c
GAh3nC/gHECR+J1sFWvI7r50Fcg5XQiQ/XLk8z2dYaQnJvtZX5/zrbtpbdIJywV3
Tqso7WpSqlCK2dFnqPY5ewI4jdm94G2qbvBiexWOXIrnNA3epZiP4/v3Z2AK63z6
aKPEXo5zZdppSc4ufm3FdTmd83Bwbv15PVEoezz2AechigzxobM4PpO7GQEdMkSV
Bq5LpACHjP1b+47jKCb5qEdt5grK5Ibv7YV5l+mTrMywx+K3nIPW77NixtDiqXal
O2cXOqmB0e5Ribp7uAIA6/Db1QoXxObcXHBB71YrNO+qHLCD16WRakRRFQehoyWX
d1cUG7t7zz1im/LLTfuZB4usMqGCiE3ubAYMqmFb81SWPbrmJEs=
=NV3Q
-----END PGP SIGNATURE-----


Reply to: