Recommended update for putty SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2019:2017-1 Final 1 1 2019-08-26T18:19:50Z current 2019-08-26T18:19:50Z 2019-08-26T18:19:50Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Recommended update for putty This update for putty fixes the following issues: Update to new upstream release 0.72 [boo#1144547, boo#1144548] * Fixed two separate vulnerabilities affecting the obsolete SSH-1 protocol, both available before host key checking. * Fixed a vulnerability in all the SSH client tools (PuTTY, Plink, PSFTP and PSCP) if a malicious program can impersonate Pageant. * Fixed a crash in GSSAPI / Kerberos key exchange triggered if the server provided an ordinary SSH host key as part of the exchange. This update was imported from the openSUSE:Leap:15.0:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2019-2017 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JCG72FA36GGTI6UG4T327DVEQLC4Z2XM/#JCG72FA36GGTI6UG4T327DVEQLC4Z2XM E-Mail link for openSUSE-SU-2019:2017-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1144547 SUSE Bug 1144547 https://bugzilla.suse.com/1144548 SUSE Bug 1144548 SUSE Package Hub 15 SUSE Package Hub 15 SP1 putty-0.72-bp151.4.3.1 putty-0.72-bp151.4.3.1 as a component of SUSE Package Hub 15 putty-0.72-bp151.4.3.1 as a component of SUSE Package Hub 15 SP1