This bug was fixed in the package putty - 0.63-8ubuntu0.1 --------------- putty (0.63-8ubuntu0.1) utopic-security; urgency=medium
* SECURITY UPDATE: PuTTY did not properly wipe SSH-2 Private Keys from system memory, which can allow local users to obtain sensitive information by reading the memory. (LP: #1467631) - debian/patches/private-key-not-wiped-2.patch: Add in fix patch from Debian 0.63-10 packaging. Thanks to Patrick Coleman for the original patch. - CVE-2015-2157 -- Thomas Ward <tew...@ubuntu.com> Mon, 22 Jun 2015 14:12:25 -0400 ** Changed in: putty (Ubuntu Utopic) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1467631 Title: CVE-2015-2157 - SSH2 Private Keys Not Properly Wiped from Memory To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/putty/+bug/1467631/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs