Hello community, here is the log from the commit of package putty for openSUSE:Factory checked in at 2019-03-18 10:43:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/putty (Old) and /work/SRC/openSUSE:Factory/.putty.new.28833 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "putty" Mon Mar 18 10:43:15 2019 rev:20 rq:685782 version:0.71 Changes: -------- --- /work/SRC/openSUSE:Factory/putty/putty.changes 2018-07-10 16:15:12.973556263 +0200 +++ /work/SRC/openSUSE:Factory/.putty.new.28833/putty.changes 2019-03-18 10:43:24.995142272 +0100 @@ -1,0 +2,14 @@ +Sun Mar 17 11:28:14 UTC 2019 - Jan Engelhardt <[email protected]> + +- Update to new upstream release 0.71 + * Fixed a remotely triggerable memory overwrite in RSA key + exchange, which can occur before host key verification + potential recycling of random numbers used in cryptography. + * Fixed a remotely triggerable buffer overflow in any kind of + server-to-client forwarding. + * Fixed multiple denial-of-service attacks that can be triggered + by writing to the terminal. + * Major rewrite of the crypto code to remove cache and timing + side channels. + +------------------------------------------------------------------- Old: ---- putty-0.70.tar.gz putty-0.70.tar.gz.gpg New: ---- putty-0.71.tar.gz putty-0.71.tar.gz.gpg ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ putty.spec ++++++ --- /var/tmp/diff_new_pack.IPvuoH/_old 2019-03-18 10:43:26.283140888 +0100 +++ /var/tmp/diff_new_pack.IPvuoH/_new 2019-03-18 10:43:26.287140883 +0100 @@ -1,7 +1,7 @@ # # spec file for package putty # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,12 +12,12 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # Name: putty -Version: 0.70 +Version: 0.71 Release: 0 Summary: GTK-based terminal emulator program License: MIT ++++++ putty-0.70.tar.gz -> putty-0.71.tar.gz ++++++ ++++ 190377 lines of diff (skipped) ++++++ putty-03-config.diff ++++++ --- /var/tmp/diff_new_pack.IPvuoH/_old 2019-03-18 10:43:26.703140436 +0100 +++ /var/tmp/diff_new_pack.IPvuoH/_new 2019-03-18 10:43:26.703140436 +0100 @@ -5,81 +5,80 @@ * Set standard colors and use a more legilible font size. --- - settings.c | 51 ++++++++++++++++++++++++++++++++++----------------- + settings.c | 49 +++++++++++++++++++++++++++++++++---------------- unix/unix.h | 6 +----- windows/windefs.c | 2 +- - 3 files changed, 36 insertions(+), 23 deletions(-) + 3 files changed, 35 insertions(+), 22 deletions(-) -Index: putty-0.69/settings.c +Index: putty-0.71/settings.c =================================================================== ---- putty-0.69.orig/settings.c -+++ putty-0.69/settings.c -@@ -13,8 +13,8 @@ static const struct keyvalwhere cipherna +--- putty-0.71.orig/settings.c ++++ putty-0.71/settings.c +@@ -17,8 +17,8 @@ + static const struct keyvalwhere ciphernames[] = { { "aes", CIPHER_AES, -1, -1 }, { "chacha20", CIPHER_CHACHA20, CIPHER_AES, +1 }, - { "blowfish", CIPHER_BLOWFISH, -1, -1 }, - { "3des", CIPHER_3DES, -1, -1 }, { "WARN", CIPHER_WARN, -1, -1 }, + { "3des", CIPHER_3DES, -1, -1 }, + { "des", CIPHER_DES, -1, -1 }, + { "blowfish", CIPHER_BLOWFISH, -1, -1 }, { "arcfour", CIPHER_ARCFOUR, -1, -1 }, - { "des", CIPHER_DES, -1, -1 } - }; -@@ -749,7 +749,7 @@ void load_open_settings(void *sesskey, C +@@ -843,7 +843,7 @@ void load_open_settings(settings_r *sess } - gppi(sesskey, "TCPNoDelay", 1, conf, CONF_tcp_nodelay); - gppi(sesskey, "TCPKeepalives", 0, conf, CONF_tcp_keepalives); + gppb(sesskey, "TCPNoDelay", true, conf, CONF_tcp_nodelay); + gppb(sesskey, "TCPKeepalives", false, conf, CONF_tcp_keepalives); - gpps(sesskey, "TerminalType", "xterm", conf, CONF_termtype); + gpps(sesskey, "TerminalType", "linux", conf, CONF_termtype); gpps(sesskey, "TerminalSpeed", "38400,38400", conf, CONF_termspeed); if (gppmap(sesskey, "TerminalModes", conf, CONF_ttymodes)) { /* -@@ -917,10 +917,10 @@ void load_open_settings(void *sesskey, C - gppi(sesskey, "PassiveTelnet", 0, conf, CONF_passive_telnet); - gppi(sesskey, "BackspaceIsDelete", 1, conf, CONF_bksp_is_delete); - gppi(sesskey, "RXVTHomeEnd", 0, conf, CONF_rxvt_homeend); +@@ -1021,10 +1021,10 @@ void load_open_settings(settings_r *sess + gppb(sesskey, "PassiveTelnet", false, conf, CONF_passive_telnet); + gppb(sesskey, "BackspaceIsDelete", true, conf, CONF_bksp_is_delete); + gppb(sesskey, "RXVTHomeEnd", false, conf, CONF_rxvt_homeend); - gppi(sesskey, "LinuxFunctionKeys", 0, conf, CONF_funky_type); -+ gppi(sesskey, "LinuxFunctionKeys", 1, conf, CONF_funky_type); - gppi(sesskey, "NoApplicationKeys", 0, conf, CONF_no_applic_k); - gppi(sesskey, "NoApplicationCursors", 0, conf, CONF_no_applic_c); -- gppi(sesskey, "NoMouseReporting", 0, conf, CONF_no_mouse_rep); -+ gppi(sesskey, "NoMouseReporting", 1, conf, CONF_no_mouse_rep); - gppi(sesskey, "NoRemoteResize", 0, conf, CONF_no_remote_resize); - gppi(sesskey, "NoAltScreen", 0, conf, CONF_no_alt_screen); - gppi(sesskey, "NoRemoteWinTitle", 0, conf, CONF_no_remote_wintitle); -@@ -941,9 +941,9 @@ void load_open_settings(void *sesskey, C - gppi(sesskey, "ApplicationKeypad", 0, conf, CONF_app_keypad); - gppi(sesskey, "NetHackKeypad", 0, conf, CONF_nethack_keypad); - gppi(sesskey, "AltF4", 1, conf, CONF_alt_f4); -- gppi(sesskey, "AltSpace", 0, conf, CONF_alt_space); -+ gppi(sesskey, "AltSpace", 1, conf, CONF_alt_space); - gppi(sesskey, "AltOnly", 0, conf, CONF_alt_only); -- gppi(sesskey, "ComposeKey", 0, conf, CONF_compose_key); -+ gppi(sesskey, "ComposeKey", 1, conf, CONF_compose_key); - gppi(sesskey, "CtrlAltKeys", 1, conf, CONF_ctrlaltkeys); ++ gppi(sesskey, "LinuxFunctionKeys", true, conf, CONF_funky_type); + gppb(sesskey, "NoApplicationKeys", false, conf, CONF_no_applic_k); + gppb(sesskey, "NoApplicationCursors", false, conf, CONF_no_applic_c); +- gppb(sesskey, "NoMouseReporting", false, conf, CONF_no_mouse_rep); ++ gppb(sesskey, "NoMouseReporting", true, conf, CONF_no_mouse_rep); + gppb(sesskey, "NoRemoteResize", false, conf, CONF_no_remote_resize); + gppb(sesskey, "NoAltScreen", false, conf, CONF_no_alt_screen); + gppb(sesskey, "NoRemoteWinTitle", false, conf, CONF_no_remote_wintitle); +@@ -1046,9 +1046,9 @@ void load_open_settings(settings_r *sess + gppb(sesskey, "ApplicationKeypad", false, conf, CONF_app_keypad); + gppb(sesskey, "NetHackKeypad", false, conf, CONF_nethack_keypad); + gppb(sesskey, "AltF4", true, conf, CONF_alt_f4); +- gppb(sesskey, "AltSpace", false, conf, CONF_alt_space); ++ gppb(sesskey, "AltSpace", true, conf, CONF_alt_space); + gppb(sesskey, "AltOnly", false, conf, CONF_alt_only); +- gppb(sesskey, "ComposeKey", false, conf, CONF_compose_key); ++ gppb(sesskey, "ComposeKey", true, conf, CONF_compose_key); + gppb(sesskey, "CtrlAltKeys", true, conf, CONF_ctrlaltkeys); #ifdef OSX_META_KEY_CONFIG - gppi(sesskey, "OSXOptionMeta", 1, conf, CONF_osx_option_meta); -@@ -955,12 +955,12 @@ void load_open_settings(void *sesskey, C + gppb(sesskey, "OSXOptionMeta", true, conf, CONF_osx_option_meta); +@@ -1060,12 +1060,12 @@ void load_open_settings(settings_r *sess gppi(sesskey, "LocalEdit", AUTO, conf, CONF_localedit); gpps(sesskey, "Answerback", "PuTTY", conf, CONF_answerback); - gppi(sesskey, "AlwaysOnTop", 0, conf, CONF_alwaysontop); -- gppi(sesskey, "FullScreenOnAltEnter", 0, conf, CONF_fullscreenonaltenter); -+ gppi(sesskey, "FullScreenOnAltEnter", 1, conf, CONF_fullscreenonaltenter); - gppi(sesskey, "HideMousePtr", 0, conf, CONF_hide_mouseptr); - gppi(sesskey, "SunkenEdge", 0, conf, CONF_sunken_edge); + gppb(sesskey, "AlwaysOnTop", false, conf, CONF_alwaysontop); +- gppb(sesskey, "FullScreenOnAltEnter", false, ++ gppb(sesskey, "FullScreenOnAltEnter", true, + conf, CONF_fullscreenonaltenter); + gppb(sesskey, "HideMousePtr", false, conf, CONF_hide_mouseptr); + gppb(sesskey, "SunkenEdge", false, conf, CONF_sunken_edge); gppi(sesskey, "WindowBorder", 1, conf, CONF_window_border); - gppi(sesskey, "CurType", 0, conf, CONF_cursor_type); -- gppi(sesskey, "BlinkCur", 0, conf, CONF_blink_cur); + gppi(sesskey, "CurType", 1, conf, CONF_cursor_type); -+ gppi(sesskey, "BlinkCur", 1, conf, CONF_blink_cur); + gppb(sesskey, "BlinkCur", false, conf, CONF_blink_cur); /* pedantic compiler tells me I can't use conf, CONF_beep as an int * :-) */ gppi(sesskey, "Beep", 1, conf, CONF_beep); - gppi(sesskey, "BeepInd", 0, conf, CONF_beep_ind); -@@ -994,10 +994,10 @@ void load_open_settings(void *sesskey, C - gppi(sesskey, "CRImpliesLF", 0, conf, CONF_crhaslf); - gppi(sesskey, "DisableArabicShaping", 0, conf, CONF_arabicshaping); - gppi(sesskey, "DisableBidi", 0, conf, CONF_bidi); -- gppi(sesskey, "WinNameAlways", 1, conf, CONF_win_name_always); -+ gppi(sesskey, "WinNameAlways", 0, conf, CONF_win_name_always); +@@ -1100,10 +1100,10 @@ void load_open_settings(settings_r *sess + gppb(sesskey, "CRImpliesLF", false, conf, CONF_crhaslf); + gppb(sesskey, "DisableArabicShaping", false, conf, CONF_arabicshaping); + gppb(sesskey, "DisableBidi", false, conf, CONF_bidi); +- gppb(sesskey, "WinNameAlways", true, conf, CONF_win_name_always); ++ gppb(sesskey, "WinNameAlways", false, conf, CONF_win_name_always); gpps(sesskey, "WinTitle", "", conf, CONF_wintitle); gppi(sesskey, "TermWidth", 80, conf, CONF_width); - gppi(sesskey, "TermHeight", 24, conf, CONF_height); @@ -87,7 +86,7 @@ gppfont(sesskey, "Font", conf, CONF_font); gppi(sesskey, "FontQuality", FQ_DEFAULT, conf, CONF_font_quality); gppi(sesskey, "FontVTMode", VT_UNICODE, conf, CONF_vtmode); -@@ -1009,11 +1009,28 @@ void load_open_settings(void *sesskey, C +@@ -1116,11 +1116,28 @@ void load_open_settings(settings_r *sess for (i = 0; i < 22; i++) { static const char *const defaults[] = { @@ -121,20 +120,20 @@ }; char buf[20], *buf2; int c0, c1, c2; -@@ -1061,7 +1078,7 @@ void load_open_settings(void *sesskey, C +@@ -1178,7 +1195,7 @@ void load_open_settings(settings_r *sess * The empty default for LineCodePage will be converted later * into a plausible default for the locale. */ - gpps(sesskey, "LineCodePage", "", conf, CONF_line_codepage); + gpps(sesskey, "LineCodePage", "UTF-8", conf, CONF_line_codepage); - gppi(sesskey, "CJKAmbigWide", 0, conf, CONF_cjk_ambig_wide); - gppi(sesskey, "UTF8Override", 1, conf, CONF_utf8_override); + gppb(sesskey, "CJKAmbigWide", false, conf, CONF_cjk_ambig_wide); + gppb(sesskey, "UTF8Override", true, conf, CONF_utf8_override); gpps(sesskey, "Printer", "", conf, CONF_printer); -Index: putty-0.69/unix/unix.h +Index: putty-0.71/unix/unix.h =================================================================== ---- putty-0.69.orig/unix/unix.h -+++ putty-0.69/unix/unix.h -@@ -257,10 +257,6 @@ int so_peercred(int fd, int *pid, int *u +--- putty-0.71.orig/unix/unix.h ++++ putty-0.71/unix/unix.h +@@ -399,11 +399,7 @@ Socket *make_fd_socket(int infd, int out /* * Default font setting, which can vary depending on NOT_X_WINDOWS. */ @@ -145,17 +144,18 @@ -#endif +#define DEFAULT_GTK_FONT "client:Monospace 14" - #endif -Index: putty-0.69/windows/windefs.c + /* + * uxpty.c. +Index: putty-0.71/windows/windefs.c =================================================================== ---- putty-0.69.orig/windows/windefs.c -+++ putty-0.69/windows/windefs.c +--- putty-0.71.orig/windows/windefs.c ++++ putty-0.71/windows/windefs.c @@ -9,7 +9,7 @@ FontSpec *platform_default_fontspec(const char *name) { if (!strcmp(name, "Font")) -- return fontspec_new("Courier New", 0, 10, ANSI_CHARSET); -+ return fontspec_new("Ludica Console", 0, 14, ANSI_CHARSET); +- return fontspec_new("Courier New", false, 10, ANSI_CHARSET); ++ return fontspec_new("Consolas", false, 14, ANSI_CHARSET); else - return fontspec_new("", 0, 0, 0); + return fontspec_new("", false, 0, 0); }
