-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 16 Jul 2024 10:13:59 +0000 Source: putty Binary: pterm pterm-dbgsym putty putty-dbgsym putty-tools putty-tools-dbgsym Architecture: s390x Version: 0.74-1+deb11u2 Distribution: bullseye Urgency: medium Maintainer: s390x Build Daemon (zani) Changed-By: Bastien Roucariès Description: pterm - PuTTY terminal emulator putty - Telnet/SSH client for X putty-tools - command-line tools for SSH, SCP, and SFTP Changes: putty (0.74-1+deb11u2) bullseye; urgency=medium . * Non-maintainer upload. * Cherry-pick from upstream: - Refactor the ssh_hash vtable. - Add an extra HMAC constructor function. - Fix CVE-2024-31497: biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. Checksums-Sha1: 205d06f7961f05452d006fab2e90e3847704a7ca 690928 pterm-dbgsym_0.74-1+deb11u2_s390x.deb e2e3e3f5685139ed4c755d7f5b36fca35fae45a2 207096 pterm_0.74-1+deb11u2_s390x.deb 7a5cf80a1c831054361bb163f5308f5bebe6c869 2214780 putty-dbgsym_0.74-1+deb11u2_s390x.deb a0221ae7d479edaf0e99aa7d0f2d52e7881400bb 3821328 putty-tools-dbgsym_0.74-1+deb11u2_s390x.deb 47a823e5c8573174296a473ac5a2719a9c0a681a 415096 putty-tools_0.74-1+deb11u2_s390x.deb 295ab97c0d8478fd735b5becc6d65cce40b91049 15976 putty_0.74-1+deb11u2_s390x-buildd.buildinfo 95000f5ac80ec2ed5ef67ec5a39fdb80f3129332 427776 putty_0.74-1+deb11u2_s390x.deb Checksums-Sha256: a7160cc198856fc55a73c399c3132406d02c8948b349153fd654e1afa19e7972 690928 pterm-dbgsym_0.74-1+deb11u2_s390x.deb 709485eba6aced474b65240269346677b18bd55b86f5962ee366d88ad4bbd4ea 207096 pterm_0.74-1+deb11u2_s390x.deb f6e0cc74ac908097770efcf1b8eabb03fa91c81d800c156b1fa355fc789a2885 2214780 putty-dbgsym_0.74-1+deb11u2_s390x.deb 51aaa759fbf3a7687b5e146d70f807c90bdfdcfbd5545d3a1a38d7d119748f15 3821328 putty-tools-dbgsym_0.74-1+deb11u2_s390x.deb 8b382381fa2a181d12673195806df4feff92889f0f7e8411eb9604aed2462036 415096 putty-tools_0.74-1+deb11u2_s390x.deb edab916918fcc533478b1dec3a39effab62886fc73ca306f3356fae3820d025f 15976 putty_0.74-1+deb11u2_s390x-buildd.buildinfo 6a990a259660dac261194490e4e38c6bcd2c50a28a260ba899ef4df83c6082e9 427776 putty_0.74-1+deb11u2_s390x.deb Files: 7bed3e1c692b1960151e5784ad35b943 690928 debug optional pterm-dbgsym_0.74-1+deb11u2_s390x.deb 11a862fd42b47a349d5fe963bf61ce64 207096 x11 optional pterm_0.74-1+deb11u2_s390x.deb 36b0b87f476ecd7bc157e1fc397368a1 2214780 debug optional putty-dbgsym_0.74-1+deb11u2_s390x.deb 52e66a5c530b1d104931de297452ab6e 3821328 debug optional putty-tools-dbgsym_0.74-1+deb11u2_s390x.deb 767ea0dbd9461b186399059f2c89deb0 415096 net optional putty-tools_0.74-1+deb11u2_s390x.deb 34b5a043ac946ea50f7dfc4f0f50c54d 15976 net optional putty_0.74-1+deb11u2_s390x-buildd.buildinfo c2367dbf1b522cf129e542f7e1bd101d 427776 net optional putty_0.74-1+deb11u2_s390x.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEETdQgQHyJW2hcXsTC6b+AMjGgQHgFAma4qagACgkQ6b+AMjGg QHjLIg//YdWLuV6ltzhGb/k2E6dEsyrZcNgnsZvR3zdtXFx5h5Uq8I95QonGApQB pa4P+8e6wx2nn3mgPYz0FpcNeH60r2j5PLhalUaqsx30mNB1TtAHZu3QutBeEvNV QhAAYJ7zzIO9oSGu2vJcXE4xmHoeiKv/XhpQF6S3ZmrN81/uPhHcgyLWTL4yDayv 6poIgLlkzqdeURt9ekMuhUzWMMWP+4JbiCAbmcfMpoF8O8Ajna1Xw+6Gk2bUsqQJ a7dgaBpSfXxdU9BTxKdZ5eKmg+T4c3r+ZNgtkqLrg2JMXHSkKmBBchhXwrTsnQuB cNbnNB+7KLodnR7jYhBssdEx66XAOV7VnKL/vzpkCI4Zyv5NiVlGuyTIB7whIeYu rL5iC+89/eKObUuDOGZj3PdbGy/AEcCodqRUtc42wfryQDVt2MWfUMpAejgyuoWl tqEVpJRGeDjvAk3OUixhG7onbtfiXanLT6shnMZWh6uAMuMcRHfeo7C/EhexMbon n9ViAq5uA0n9hTtQcNWIWgr29SzrIHb5QI/DZliW5uhB7Ck7kSRd+oMSXDobtkHy CLxXPEX23ndJdx0dsWK5udAnojc/9wKPCIDPus5++NcW3HXvS4brDHpo40rbq91L MYOQl1Kh6ufp6mBaHSXfJ11HaM+Om1kcSxmyg//Ch4684+apMGw= =CTdC -----END PGP SIGNATURE-----