On Wed, 6 Mar 2013, Melancon, Ruddy wrote:
I have a security officer that has raised the issue
regarding free [Putty] software.
Has anyone encounterd security issues with Putty beyond the
Release 0.60? I am looking for documented problems.
Putty is a 0.62 in Red Hat's 'rawhide'
It has no recent CVE's noted in the changelog at all
Other than unfamiliarity with not having a commercial vendor
come to mind, what is the 'issue'?
While I am not, nor have I ever worked for Red Hat, but they
_do_ and _are_ in the business of selling support contracts.
They are, or their proxy is, on various GSA and related
governmental schedules. They _do_ 'do Windows' too [1]
-- Russ herrold
[1] http://www.cygwin.com/
[herrold@centos-6 ~]$ rpm -qp --changelog \
/mnt/nfs/var/ftp/pub/mirror2/redhat/rawhide/SRPMS/p/putty-0.62-4.fc19.src.rpm
\
| grep CVE
- Previous release pre-emptively fixed CVE-2006-7162/BZ#231726
[herrold@centos-6 ~]$ rpm -qp --changelog \
/mnt/nfs/var/ftp/pub/mirror2/redhat/rawhide/SRPMS/p/putty-0.62-4.fc19.src.rpm
\
| head
* Thu Feb 14 2013 Fedora Release Engineering
<[email protected]> - 0.62-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Sep 26 2012 Jaroslav Škarvada <[email protected]> -
0.62-3
- Added missing ImageMagick BuildRequires
* Wed Sep 19 2012 Jaroslav Škarvada <[email protected]> -
0.62-2
- Generated icon from sources
* Tue Aug 07 2012 Jaroslav Škarvada <[email protected]> -
0.62-1
[herrold@centos-6 ~]$
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For more information on Linux on System z, visit
http://wiki.linuxvm.org/
