PuTTY 0.71 釋出

過了一年半,PuTTY 在 2019/3/16 放出了 0.71,包含了大量的安全性修正及補強,然後也放出了 Windows on ARM 的 binary。

值得一提的是,其中不少安全性修正是來自由歐盟贊助的
HackerOne

  • Security fixes found by an EU-funded bug bounty programme:
    • a remotely triggerable memory overwrite in RSA key exchange, which can occur before host key verification
    • potential recycling of random numbers used in cryptography
    • on Windows, hijacking by a malicious help file in the same directory as the executable
    • on Unix, remotely triggerable buffer overflow in any kind of server-to-client forwarding
    • multiple denial-of-service attacks that can be triggered by writing to the terminal
  • Other security enhancements: major rewrite of the crypto code to remove cache and timing side channels.
  • User interface changes to protect against fake authentication prompts from a malicious server.
  • We now provide pre-built binaries for Windows on Arm.
  • Hardware-accelerated versions of the most common cryptographic primitives: AES, SHA-256, SHA-1.
  • GTK PuTTY now supports non-X11 displays (e.g. Wayland) and high-DPI configurations.
  • Type-ahead now works as soon as a PuTTY window is opened: keystrokes typed before authentication has finished will be buffered instead of being dropped.
  • Support for GSSAPI key exchange: an alternative to the older GSSAPI authentication system which can keep your forwarded Kerberos credentials updated during a long session.
  • More choices of user interface for clipboard handling.
  • New terminal features: support the REP escape sequence (fixing an ncurses screen redraw failure), true colour, and SGR 2 dim text.
  • Pressing Ctrl+Shift+PgUp or Ctrl+Shift+PgDn now takes you straight to the top or bottom of the terminal scrollback.
分類: FreeBSD, Linux, Software,標籤: , 。這篇內容的永久連結