Описание
Security update for putty
This update for putty to version 0.73 fixes the following issues:
- CVE-2019-17068: Fixed the insufficient handling of terminal escape sequences, that should delimit the pasted data in bracketed paste mode (boo#1152753).
- CVE-2019-17069: Fixed a possible information leak caused by SSH-1 disconnection messages (boo#1152753).
Список пакетов
openSUSE Leap 15.1
putty-0.73-lp151.3.6.1
Ссылки
- E-Mail link for openSUSE-SU-2019:2277-1
- SUSE Security Ratings
- SUSE Bug 1152753
- SUSE CVE CVE-2019-17068 page
- SUSE CVE CVE-2019-17069 page
Описание
PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content.
Затронутые продукты
openSUSE Leap 15.1:putty-0.73-lp151.3.6.1
Ссылки
- CVE-2019-17068
- SUSE Bug 1152753
Описание
PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message.
Затронутые продукты
openSUSE Leap 15.1:putty-0.73-lp151.3.6.1
Ссылки
- CVE-2019-17069
- SUSE Bug 1152753