update to PuTTY 0.72, "fixes a small number of further security issues

found by the 2019 EU-funded HackerOne bug bounty, and a variety of other
bugs introduced in 0.71"
This commit is contained in:
sthen 2019-07-20 11:55:25 +00:00
parent b4524dffde
commit 5bfdda04be
7 changed files with 17 additions and 38 deletions

View File

@ -1,11 +1,9 @@
# $OpenBSD: Makefile,v 1.32 2019/07/12 20:48:44 sthen Exp $
# $OpenBSD: Makefile,v 1.33 2019/07/20 11:55:25 sthen Exp $
COMMENT-main= SSH and telnet client
COMMENT-gui= PuTTY GUI clients
# if updating, check if pageant can go back to main
V= 0.71
REVISION= 2
V= 0.72
DISTNAME= putty-$V
PKGNAME-main= ${DISTNAME}
PKGNAME-gui= ${DISTNAME:S/putty/putty-gui/}

View File

@ -1,2 +1,2 @@
SHA256 (putty-0.71.tar.gz) = L5Mc4viXgMyMp7vtkPzSLERRXSdz9fqVQGniCbSOxrg=
SIZE (putty-0.71.tar.gz) = 2423752
SHA256 (putty-0.72.tar.gz) = 8ja1omsJBYCbPNGQFY6Lldgfhq00/dl6QxLBh38s7F8=
SIZE (putty-0.72.tar.gz) = 2449516

View File

@ -1,22 +0,0 @@
$OpenBSD: patch-Recipe,v 1.1 2019/03/31 10:55:48 sthen Exp $
From f5c1753244d0399764fd68d6ac42ea2f2db47fc9 Mon Sep 17 00:00:00 2001
From: Simon Tatham <anakin@pobox.com>
Date: Tue, 26 Mar 2019 19:12:27 +0000
Subject: [PATCH] Link uxutils.o into Unix PuTTYgen.
On Arm Linux, this is necessary for the functions that check
availability of hardware crypto acceleration.
Index: Recipe
--- Recipe.orig
+++ Recipe
@@ -365,7 +365,7 @@ PUTTYGEN_UNIX = sshrsag sshdssg sshprime sshdes ARITH
+ sshrand uxnoise sshsha MISC sshrsa sshdss uxcons uxstore uxmisc
+ sshpubk sshaes sshsh256 sshsh512 IMPORT puttygen.res time tree234
+ uxgen notiming CONF sshecc sshecdsag uxnogtk sshauxcrypt sshhmac
- + uxpoll
+ + uxpoll uxutils
puttygen : [U] cmdgen PUTTYGEN_UNIX
cgtest : [UT] cgtest PUTTYGEN_UNIX

View File

@ -1,9 +1,9 @@
$OpenBSD: patch-putty_h,v 1.1 2019/03/16 22:09:30 sthen Exp $
$OpenBSD: patch-putty_h,v 1.2 2019/07/20 11:55:25 sthen Exp $
Index: putty.h
--- putty.h.orig
+++ putty.h
@@ -1564,6 +1564,7 @@ typedef enum NoiseSourceId {
@@ -1560,6 +1560,7 @@ typedef enum NoiseSourceId {
NOISE_SOURCE_THREADTIME,
NOISE_SOURCE_PROCTIME,
NOISE_SOURCE_PERFCOUNT,

View File

@ -1,6 +1,8 @@
$OpenBSD: patch-unix_uxcons_c,v 1.1 2016/09/10 13:03:42 ajacoutot Exp $
--- unix/uxcons.c.orig Sat Sep 10 12:06:10 2016
+++ unix/uxcons.c Sat Sep 10 12:06:24 2016
$OpenBSD: patch-unix_uxcons_c,v 1.2 2019/07/20 11:55:25 sthen Exp $
Index: unix/uxcons.c
--- unix/uxcons.c.orig
+++ unix/uxcons.c
@@ -6,6 +6,7 @@
#include <stdio.h>
#include <stdlib.h>

View File

@ -1,4 +1,5 @@
$OpenBSD: patch-unix_uxnoise_c,v 1.4 2019/03/16 22:09:30 sthen Exp $
$OpenBSD: patch-unix_uxnoise_c,v 1.5 2019/07/20 11:55:25 sthen Exp $
Index: unix/uxnoise.c
--- unix/uxnoise.c.orig
+++ unix/uxnoise.c
@ -71,7 +72,7 @@ Index: unix/uxnoise.c
read_random_seed(func);
}
@@ -102,21 +57,12 @@ void random_save_seed(void)
@@ -90,21 +45,12 @@ void noise_get_heavy(void (*func) (void *, int))
*/
void noise_regular(void)
{
@ -97,7 +98,7 @@ Index: unix/uxnoise.c
getrusage(RUSAGE_SELF, &rusage);
random_add_noise(NOISE_SOURCE_RUSAGE, &rusage, sizeof(rusage));
}
@@ -129,6 +75,9 @@ void noise_regular(void)
@@ -117,6 +63,9 @@ void noise_regular(void)
void noise_ultralight(NoiseSourceId id, unsigned long data)
{
struct timeval tv;

View File

@ -1,11 +1,11 @@
$OpenBSD: patch-unix_uxpgnt_c,v 1.1 2019/03/31 10:55:48 sthen Exp $
$OpenBSD: patch-unix_uxpgnt_c,v 1.2 2019/07/20 11:55:25 sthen Exp $
https://svnweb.freebsd.org/ports/head/security/putty/files/patch-unix_uxpgnt.c?revision=496064&view=co
Index: unix/uxpgnt.c
--- unix/uxpgnt.c.orig
+++ unix/uxpgnt.c
@@ -241,7 +241,7 @@ void pageant_fork_and_print_env(bool retain_tty)
@@ -240,7 +240,7 @@ void pageant_fork_and_print_env(bool retain_tty)
/* Get out of our previous process group, to avoid being
* blasted by passing signals. But keep our controlling tty,
* so we can keep checking to see if we still have one. */