Partager à toutes et tous (enfin ceux que ça intéresse) ce que je note sur le net

Aller au contenu | Aller au menu | Aller à la recherche

Pour ceux qui l'utilisent - PuTTY: latest release (0.71)

Note: concernant le fork que je connais aussi, cad Kitty, il n'a pas été maj lui.

Download PuTTY: latest release (0.71) sgtatham putty latest.png

Chez Putty il n'y avait pas eu d'update depuis 2017 ...  le changelog:

These features are new in 0.71 (released 2019-03-16):

  • Security fixes found by an EU-funded bug bounty programme:
    • a remotely triggerable memory overwrite in RSA key exchange, which can occur before host key verification
    • potential recycling of random numbers used in cryptography
    • on Windows, hijacking by a malicious help file in the same directory as the executable
    • on Unix, remotely triggerable buffer overflow in any kind of server-to-client forwarding
    • multiple denial-of-service attacks that can be triggered by writing to the terminal
  • Other security enhancements: major rewrite of the crypto code to remove cache and timing side channels.
  • User interface changes to protect against fake authentication prompts from a malicious server.
  • We now provide pre-built binaries for Windows on Arm.
  • Hardware-accelerated versions of the most common cryptographic primitives: AES, SHA-256, SHA-1.
  • GTK PuTTY now supports non-X11 displays (e.g. Wayland) and high-DPI configurations.
  • Type-ahead now works as soon as a PuTTY window is opened: keystrokes typed before authentication has finished will be buffered instead of being dropped.
  • Support for GSSAPI key exchange: an alternative to the older GSSAPI authentication system which can keep your forwarded Kerberos credentials updated during a long session.
  • More choices of user interface for clipboard handling.
  • New terminal features: support the REP escape sequence (fixing an ncurses screen redraw failure), true colour, and SGR 2 dim text.
  • Pressing Ctrl+Shift+PgUp or Ctrl+Shift+PgDn now takes you straight to the top or bottom of the terminal scrollback.