-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 16 Jul 2024 10:44:03 +0000 Source: putty Binary: pterm pterm-dbgsym putty putty-dbgsym putty-tools putty-tools-dbgsym Architecture: armhf Version: 0.78-2+deb12u2 Distribution: bookworm Urgency: medium Maintainer: arm Build Daemon (arm-ubc-06) Changed-By: Bastien Roucariès Description: pterm - PuTTY terminal emulator putty - Telnet/SSH client for X putty-tools - command-line tools for SSH, SCP, and SFTP Changes: putty (0.78-2+deb12u2) bookworm; urgency=medium . * Non-maintainer upload. * Cherry-pick from upstream: - Add an extra HMAC constructor function - Fix CVE-2024-31497: biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. * Run test/cryptsuite.py during build. Checksums-Sha1: 0349e43b376bfb41912063dfbc1fc8cc5d12ae60 698076 pterm-dbgsym_0.78-2+deb12u2_armhf.deb b51db2e30473203b383136b84d957d234806c912 197368 pterm_0.78-2+deb12u2_armhf.deb e2cc13cbcea1536fbcf187e505cf9cca69b32f7c 2297844 putty-dbgsym_0.78-2+deb12u2_armhf.deb 263305e30b6ddb230e35112ac8dea3daad3a5279 4708868 putty-tools-dbgsym_0.78-2+deb12u2_armhf.deb 87ba624250c19ed7cf08f64ad3e767d036201842 488116 putty-tools_0.78-2+deb12u2_armhf.deb 21faeceb858bbd9359f1812e8a3ca7fc593d642e 16283 putty_0.78-2+deb12u2_armhf-buildd.buildinfo 19d43115968837653941c2a1ba4be93cece64fdd 451028 putty_0.78-2+deb12u2_armhf.deb Checksums-Sha256: 2b44f48da17f98ce9548daf2ba9f14981e934b8205c40c1c1cb5f9eda536c545 698076 pterm-dbgsym_0.78-2+deb12u2_armhf.deb 8117fba2371918cb62640cf223283dcf070472694675ba959c6215fdb88d0739 197368 pterm_0.78-2+deb12u2_armhf.deb 2354755e40a938ff8ba2d40c06010e048c9042b81e8fef830bf075d48bfb3036 2297844 putty-dbgsym_0.78-2+deb12u2_armhf.deb 1b0c438713016aa6d256de41e38641770f991833c5c6cbe664ac435d708ce46c 4708868 putty-tools-dbgsym_0.78-2+deb12u2_armhf.deb f535a617aa002b5a72aac05c5f289d847abec5cfddaa6bd36e50d2237f404e7f 488116 putty-tools_0.78-2+deb12u2_armhf.deb 2d6d9ddf4d812a63084ae5dd55748b5c936239fb1816f2dd6b62f7ff09f69018 16283 putty_0.78-2+deb12u2_armhf-buildd.buildinfo d8cde9599ca4e2f7f6b5e921a726e00b3d9517c65305ffa1cef8fc39f0612f57 451028 putty_0.78-2+deb12u2_armhf.deb Files: 34b45d48ab930af41df4d0f9c4148a15 698076 debug optional pterm-dbgsym_0.78-2+deb12u2_armhf.deb 6dfaab5faf22f130b8a825666cb2b909 197368 x11 optional pterm_0.78-2+deb12u2_armhf.deb eac9069db92368cba5e49ac6dbdd58da 2297844 debug optional putty-dbgsym_0.78-2+deb12u2_armhf.deb d2d7ed0fd53be85ead400490d85d7bc8 4708868 debug optional putty-tools-dbgsym_0.78-2+deb12u2_armhf.deb c3caf65eff66ca9df2db6f711889695e 488116 net optional putty-tools_0.78-2+deb12u2_armhf.deb b0f9e54d55333197d6e3530658eadcd1 16283 net optional putty_0.78-2+deb12u2_armhf-buildd.buildinfo 8f5756c183e3af275aef1a9ff6e9c985 451028 net optional putty_0.78-2+deb12u2_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEErcTbumGV7Ig2iXlfQdxRZ9J7nEgFAmbGaXAACgkQQdxRZ9J7 nEgJdhAAmxVC+E/PFSn23HJpXy7L19IWmAqUnof+orztrajdUECQ1e8nzNcHAhp0 JN5eS4LDeOyHlhPNrTR0+1j0OUBqY3slnQwRSGPdz7ahrFoCgc+Qt4a0sgBEO1GQ CP1rwD8joBv94CtBzPAYVLswKStac9LbTLcAzYMiByjewx2MAns4iH5yPv2ZqFG2 HtWLlujThGB7HMr8vykYuTH6iZfrOQkfJKX8CcHWCapQry5TNV5/7El6sQafUWBs MK4ZgCOv6+OaaxZRDTuXBbjbyrJ5zdADUj2oN851N557FGhK2yR7Fzlu+QEsBeLD BjvTCd7HH59djSF3Tx6ytW3bclfeYmGSDjxi66HYiGalczxwuabe9DqP6Oc6qe07 vzfrm0QrkIEQ8KcBlPkffXrkPvv4NedmSlUTwr8I6sC1EXHGgqMrqrpAPqtdCBLo Y6gRMFUzK2eAIBvVZEer3BgejdPZHyNTC+4Zl19nvS5JsFuHENIdlNV4hyYw22/6 +hR9yFbPeQUmKAlkijmjT71T9FniH9FwsJNkxRd6HD6XyXr6czxlblxZcg9Fl0IE heqOZNgh8S1yqIa7FHaYAqfc9SvjwEwwEkN8Vqu5PG2qF0O1EjlfvjwMHRIBmep8 GYOpnu2AnQPovQ1PurjO4awT91xLRpjdqjdiB+nlbs42r7f9Dd4= =3vQb -----END PGP SIGNATURE-----