Format: 1.8
Date: Wed, 07 Aug 2013 11:44:22 +0100
Source: putty
Binary: pterm putty putty-tools putty-doc
Architecture: source
Version: 0.62-6ubuntu0.1
Distribution: precise
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Changed-By: Colin Watson <cjwatson@ubuntu.com>
Description: 
 pterm      - PuTTY terminal emulator
 putty      - Telnet/SSH client for X
 putty-doc  - PuTTY HTML documentation
 putty-tools - command-line tools for SSH, SCP, and SFTP
Closes: 718779
Changes: 
 putty (0.62-6ubuntu0.1) precise; urgency=low
 .
   * CVE-2013-4206: Buffer underrun in modmul could corrupt the heap.
   * CVE-2013-4852: Negative string length in public-key signatures could
     cause integer overflow and overwrite all of memory (closes: #718779).
   * CVE-2013-4207: Non-coprime values in DSA signatures can cause buffer
     overflow in modular inverse.
   * CVE-2013-4208: Private keys were left in memory after being used by
     PuTTY tools.
   * Backport some general proactive potentially-security-relevant tightening
     from upstream.
Checksums-Sha1: 
 1e20e990f4fdb6b275089d419ec200ed7c0016d5 2132 putty_0.62-6ubuntu0.1.dsc
 0a143727138b2e9d8979a831471f627a727bfa19 25203 putty_0.62-6ubuntu0.1.debian.tar.gz
Checksums-Sha256: 
 27e25d19eb04fe8dd07d86478977505fc0b126d6611a2d3acc5a4d2cc250d58c 2132 putty_0.62-6ubuntu0.1.dsc
 abd1a2c64910e5c52db1f5aa7c2ad9a9baa46a4b810147e245255947050cc8a4 25203 putty_0.62-6ubuntu0.1.debian.tar.gz
Files: 
 1b1eade2966f7fa39cea5e5ceef3dff4 2132 net optional putty_0.62-6ubuntu0.1.dsc
 e4583dad457393ee1de1ea04979751a8 25203 net optional putty_0.62-6ubuntu0.1.debian.tar.gz
Original-Maintainer: Colin Watson <cjwatson@debian.org>