mostly security, but some other fixes, see release notes for more. they have rolled in the posix_openpt parts.
any tests/OKs? those of you using this on Windows might want to update there too... -- -- -- -- -- This release fixes multiple security holes in previous versions of PuTTY, which can allow an SSH-2 server to make PuTTY overrun or underrun buffers and crash. We do not know of any way in which these vulnerabilities could permit a server to actually take control of the client, but we also don't know that that _can't_ be done, so we recommend you upgrade. These vulnerabilities can be triggered before host key verification, which means that you are not even safe if you trust the server you _think_ you're connecting to, since it could be spoofed over the network and the host key check would not detect this before the attack could take place. Additionally, when PuTTY authenticated with a user's private key, the private key or information equivalent to it was accidentally kept in PuTTY's memory for the rest of its run, where it could be retrieved by other processes reading PuTTY's memory, or written out to swap files or crash dumps. This release fixes that as well. -- -- -- -- --
Index: Makefile
===================================================================
RCS file: /cvs/ports/net/putty/Makefile,v
retrieving revision 1.15
diff -u -p -r1.15 Makefile
--- Makefile 11 Mar 2013 11:35:55 -0000 1.15
+++ Makefile 6 Aug 2013 22:07:13 -0000
@@ -3,10 +3,9 @@
 COMMENT-main= SSH and telnet client
 COMMENT-gui= PuTTY GUI clients
-DISTNAME= putty-0.62
+DISTNAME= putty-0.63
 PKGNAME-main= ${DISTNAME}
 PKGNAME-gui= ${DISTNAME:S/putty/putty-gui/}
-REVISION= 1
 CATEGORIES= net security
 HOMEPAGE= http://www.chiark.greenend.org.uk/~sgtatham/putty/
@@ -16,39 +15,25 @@ MASTER_SITES= http://the.earth.li/~sgtat
 # BSD
 PERMIT_PACKAGE_CDROM= Yes
-CONFIGURE_STYLE= autoconf automake
+WANTLIB-main = c pthread
+WANTLIB-gui += X11 Xcomposite Xcursor Xdamage Xext Xfixes Xi Xinerama
+WANTLIB-gui += Xrandr Xrender atk-1.0 c cairo fontconfig freetype
+WANTLIB-gui += gdk-x11-2.0 gdk_pixbuf-2.0 gio-2.0 glib-2.0 gobject-2.0
+WANTLIB-gui += gtk-x11-2.0 m pango-1.0 pangocairo-1.0 pangoft2-1.0
+WANTLIB-gui += pthread z ${MODGETTEXT_WANTLIB}
+
+CONFIGURE_STYLE= gnu
 CONFIGURE_ENV= CPPFLAGS="-I.././" \
 LDFLAGS="-L${X11BASE}/lib"
-AUTOCONF_VERSION= 2.67
-AUTOMAKE_VERSION= 1.11
 WRKSRC= ${WRKDIST}/unix
-MULTI_PACKAGES= -main -gui
+MULTI_PACKAGES= -main -gui
 MODULES= devel/gettext
-WANTLIB-main= X11 c
-WANTLIB-gui= GL X11 Xcomposite Xcursor Xdamage Xext Xfixes Xi \
- Xinerama Xrandr Xrender atk-1.0 c cairo expat \
- fontconfig freetype gdk-x11-2.0 gdk_pixbuf-2.0 gio-2.0 \
- glib-2.0 gobject-2.0 gtk-x11-2.0 m pango-1.0 \
- pangocairo-1.0 pangoft2-1.0 pixman-1 png \
- pthread-stubs xcb xcb-render xcb-shm z \
- ${MODGETTEXT_WANTLIB}
-
 LIB_DEPENDS-main= # empty
 LIB_DEPENDS-gui= x11/gtk+2
-AUTO_ENV= AUTOCONF_VERSION=${AUTOCONF_VERSION} \
- AUTOMAKE_VERSION=${AUTOMAKE_VERSION}
-
 NO_TEST= Yes
-
-post-patch:
- @echo "Running aclocal-${AUTOMAKE_VERSION} in ${WRKSRC}"
- @cd ${WRKSRC} && ${SETENV} ${AUTO_ENV} aclocal
-
-pre-configure:
- cd ${WRKDIST} && ./mkfiles.pl
 .include <bsd.port.mk>
Index: distinfo
===================================================================
RCS file: /cvs/ports/net/putty/distinfo,v
retrieving revision 1.2
diff -u -p -r1.2 distinfo
--- distinfo 13 Jan 2013 10:12:52 -0000 1.2
+++ distinfo 6 Aug 2013 22:07:13 -0000
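Review bot: In the second Makefile hunk, `CONFIGURE_STYLE= gnu` together with the removal of the `post-patch` and `pre-configure` targets means upstream's shipped configure script is now run as-is, yet the deleted patches/patch-unix_configure_ac carried more than the posix_openpt check: it also changed `PUTTYCFLAGS="-Wall -Werror"` to `PUTTYCFLAGS="-Wall"`. The message only states that the posix_openpt parts went upstream, so if 0.63 still builds with `-Werror`, a warning from a different compiler version or arch will fail the package build. I would confirm this against the 0.63 sources and, if the flag is still there, keep a one-line patch that sets `PUTTYCFLAGS="-Wall"`; a short comment above `CONFIGURE_STYLE` recording that configure is no longer regenerated would also help the next update.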
@@ -1,2 +1,2 @@
-SHA256 (putty-0.62.tar.gz) = jRh+hu4YyDmJXSY2B7YXiHeFZONyDo2FxTBaBPnaBXM=
-SIZE (putty-0.62.tar.gz) = 1783106
+SHA256 (putty-0.63.tar.gz) = gejqrzG+fZpGtPP7gNHZVAd28ULNidChHy+Agtxo+LU=
+SIZE (putty-0.63.tar.gz) = 1887913
Index: patches/patch-unix_configure_ac
===================================================================
RCS file: patches/patch-unix_configure_ac
diff -N patches/patch-unix_configure_ac
--- patches/patch-unix_configure_ac 16 Jan 2013 13:54:59 -0000 1.3
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,30 +0,0 @@
-$OpenBSD: patch-unix_configure_ac,v 1.3 2013/01/16 13:54:59 sthen Exp $
---- unix/configure.ac.orig Sat May 22 15:07:25 2010
-+++ unix/configure.ac Wed Jan 16 13:51:26 2013
-@@ -11,7 +11,7 @@ AC_CONFIG_HEADERS([uxconfig.h:uxconfig.in])
- AC_PROG_INSTALL
- AC_PROG_CC
- if test "X$GCC" = Xyes; then
-- PUTTYCFLAGS="-Wall -Werror"
-+ PUTTYCFLAGS="-Wall"
- else
- PUTTYCFLAGS=""
- fi
-@@ -31,8 +31,6 @@ AC_CHECK_HEADERS([utmpx.h sys/select.h],,,[
- #include <sys/types.h>
- #include <utmp.h>])
-
--# Look for both GTK 1 and GTK 2.
--AM_PATH_GTK([1.2.0], [gtk=1], [gtk=none])
- AM_PATH_GTK_2_0([2.0.0], [gtk=2], [])
- if test "$gtk" = "none"; then
- all_targets="all-cli"
-@@ -65,7 +63,7 @@ AS_IF([test "x$with_gssapi" != xno],
-
- AC_CHECK_LIB(X11, XOpenDisplay)
-
--AC_CHECK_FUNCS([getaddrinfo ptsname setresuid strsignal updwtmpx])
-+AC_CHECK_FUNCS([getaddrinfo posix_openpt ptsname setresuid strsignal updwtmpx])
-
- AC_OUTPUT
-
Index: patches/patch-unix_uxpty_c
===================================================================
RCS file: patches/patch-unix_uxpty_c
diff -N patches/patch-unix_uxpty_c
--- patches/patch-unix_uxpty_c 13 Jan 2013 10:12:52 -0000 1.2
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,25 +0,0 @@
-$OpenBSD: patch-unix_uxpty_c,v 1.2 2013/01/13 10:12:52 brad Exp $
---- unix/uxpty.c.orig Wed Mar 2 14:12:42 2011
-+++ unix/uxpty.c Thu Dec 27 01:30:33 2012
-@@ -335,12 +335,21 @@ static void pty_open_master(Pty pty)
- chown(pty->name, getuid(), gp ? gp->gr_gid : -1);
- chmod(pty->name, 0600);
- #else
-+#ifdef HAVE_POSIX_OPENPT
-+ pty->master_fd = posix_openpt(O_RDWR|O_NOCTTY);
-+
-+ if (pty->master_fd < 0) {
-+ perror("posix_openpt");
-+ exit(1);
-+ }
-+#else
- pty->master_fd = open("/dev/ptmx", O_RDWR);
-
- if (pty->master_fd < 0) {
- perror("/dev/ptmx: open");
- exit(1);
- }
-+#endif
-
- if (grantpt(pty->master_fd) < 0) {
- perror("grantpt");