Hello community, here is the log from the commit of package putty.3590 for openSUSE:13.1:Update checked in at 2015-03-11 12:53:02 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/putty.3590 (Old) and /work/SRC/openSUSE:13.1:Update/.putty.3590.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "putty.3590" Changes: -------- New Changes file: --- /dev/null 2015-02-28 12:43:00.252025756 +0100 +++ /work/SRC/openSUSE:13.1:Update/.putty.3590.new/putty.changes 2015-03-11 12:53:03.000000000 +0100 @@ -0,0 +1,115 @@ +------------------------------------------------------------------- +Mon Mar 2 10:19:15 UTC 2015 - jeng...@inai.de + +- Update to new upstream release 0.64 +* Security fix: PuTTY no longer retains the private half of users' + keys in memory by mistake after authenticating with them. + [bnc#920167] (CVE-2015-2157) +* Support for SSH connection sharing, so that multiple instances of + PuTTY to the same host can share a single SSH connection instead + of all having to log in independently. +* Bug fix: IPv6 literals are handled sensibly throughout the suite, + if you enclose them in square brackets to prevent the colons + being mistaken for a :port suffix. +- Remove 0001-Revert-the-default-for-font-bolding-style.patch + (merged upstream), putty-04-nodate.diff (no longer needed). + +------------------------------------------------------------------- +Tue Sep 23 15:43:40 UTC 2014 - jeng...@inai.de + +- Drop gpg-offline build-time requirement; this is now handled by + the local source validator + +------------------------------------------------------------------- +Wed Aug 7 09:28:25 UTC 2013 - jeng...@inai.de + +- Add 0001-Revert-the-default-for-font-bolding-style.patch + (upstream patch fixing a cosmetic change introduced in 0.63) +- Add Conflict tag against pssh package (Parallel SSH) due to + conflicting files in /usr/bin + +------------------------------------------------------------------- +Tue Aug 6 19:47:43 UTC 2013 - jeng...@inai.de + +- Do signature verification + +------------------------------------------------------------------- +Tue Aug 6 19:09:06 UTC 2013 - andreas.stie...@gmx.de + +- update to 0.63 + * Security fix: prevent a nefarious SSH server or network attacker + from crashing PuTTY at startup in three different ways by + presenting a maliciously constructed public key and signature. + [bnc#833567] CVE-2013-4852 + * Security fix: PuTTY no longer retains the private half of users' + keys in memory by mistake after authenticating with them. + * Revamped the internal configuration storage system to remove all + fixed arbitrary limits on string lengths. In particular, there + should now no longer be an unreasonably small limit on the number + of port forwardings PuTTY can store. + * Forwarded TCP connections which close one direction before the + other should now be reliably supported, with EOF propagated + independently in the two directions. This also fixes some instances + of forwarding data corruption (if the corruption consisted of + losing data from the very end of the connection) and some instances + of PuTTY failing to close when the session is over (because it + wrongly thought a forwarding channel was still active when it was + not). + * The terminal emulation now supports xterm's bracketed paste mode + (allowing aware applications to tell the difference between typed + and pasted text, so that e.g. editors need not apply inappropriate + auto-indent). + * You can now choose to display bold text by both brightening the + foreground colour and changing the font, not just one or the other. + * PuTTYgen will now never generate a 2047-bit key when asked for 2048 + (or more generally n−1 bits when asked for n). + * Some updates to default settings: PuTTYgen now generates 2048-bit + keys by default (rather than 1024), and PuTTY defaults to UTF-8 + encoding and 2000 lines of scrollback (rather than ISO 8859-1 and + 200). + * Unix: PSCP and PSFTP now preserve the Unix file permissions, on + copies in both directions. + * Unix: dead keys and compose-character sequences are now supported. + * Unix: PuTTY and pterm now permit font fallback (where glyphs not + present in your selected font are automatically filled in from other + fonts on the system) even if you are using a server-side X11 font + rather than a Pango client-side one. + * Bug fixes too numerous to list, mostly resulting from running the + code through Coverity Scan which spotted an assortment of memory + and resource leaks, logic errors, and crashes in various circumstances. +- packaging changes: + * run make from base directory + * run tests + * remove putty-01-werror.diff (currently not needed) + * remove putty-02-remove-gtk1.diff, putty-05-glib-deprecated.diff, + putty-06-gtk2-indivhdr.diff (no longer needed) + * refresh putty-03-config.diff + * remove autoconf calls and requirements + * package HTML documentation + * package LICENCE file + +------------------------------------------------------------------- +Sun Dec 11 14:04:30 UTC 2011 - andreas.stie...@gmx.de + +- update to upstream 0.62: +* Security fix: PuTTY no longer retains passwords in memory by + mistake. +* Bug fix: Pageant now talks to both new-style clients (0.61 and + above) and old-style (0.60 and below). +* Bug fix: PuTTY no longer prints a spurious "Access denied" + message when GSSAPI authentication fails. +* Bug fix: PSCP and PSFTP now honour nonstandard port numbers in + SSH saved sessions. +* Bug fix: Pageant no longer leaks a file handle when an + authentication fails. +* Bug fix: PuTTYtel no longer crashes when saving a session. +* Bug fix: PuTTY now draws underlines under the underlined text + instead of sometimes putting them somewhere off to the right. +* Bug fix: PuTTY now should not draw VT100 line drawing characters + at the wrong vertical offset. +- fix SLE build + +------------------------------------------------------------------- +Tue Jul 26 23:25:28 UTC 2011 - jeng...@medozas.de + +- Initial package for build.opensuse.org New: ---- putty-0.64.tar.gz putty-0.64.tar.gz.RSA putty-03-config.diff putty.changes putty.keyring putty.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ putty.spec ++++++ # # spec file for package putty # # Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: putty Version: 0.64 Release: 0 Summary: GTK-based terminal emulator program License: MIT Group: System/X11/Utilities Url: http://www.chiark.greenend.org.uk/~sgtatham/putty/ #Git-Web: http://tartarus.org/~simon-git/gitweb/?p=putty.git #Git-Clone: git://git.tartarus.org/simon/putty Source: http://the.earth.li/~sgtatham/putty/latest/%name-%version.tar.gz Source2: http://the.earth.li/~sgtatham/putty/latest/%name-%version.tar.gz.RSA Source4: %name.keyring Patch1: putty-03-config.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: gtk2-devel BuildRequires: krb5-devel Conflicts: pssh %description PuTTY is a terminal emulator application which can act as a client for the SSH, Telnet, rlogin, and raw TCP computing protocols and as a serial console client. %prep %setup -q %patch -P 1 -p1 %build %configure make %{?_smp_mflags}; %install %make_install %check make check %files %defattr(-,root,root) %doc LICENCE %_bindir/* %doc %_mandir/man*/* %doc doc/*.html %changelog ++++++ putty-03-config.diff ++++++ * Put 3DES off as insecure. * Always use "linux" terminal type. This resolves some strange key combos. * Set standard colors and use a more legilible font size. --- settings.c | 51 ++++++++++++++++++++++++++++++++++----------------- unix/gtkwin.c | 2 +- windows/windefs.c | 2 +- 3 files changed, 36 insertions(+), 19 deletions(-) Index: putty-0.63/settings.c =================================================================== --- putty-0.63.orig/settings.c 2013-08-02 23:33:40.000000000 +0100 +++ putty-0.63/settings.c 2013-08-06 19:22:06.000000000 +0100 @@ -12,8 +12,8 @@ static const struct keyvalwhere ciphernames[] = { { "aes", CIPHER_AES, -1, -1 }, { "blowfish", CIPHER_BLOWFISH, -1, -1 }, - { "3des", CIPHER_3DES, -1, -1 }, { "WARN", CIPHER_WARN, -1, -1 }, + { "3des", CIPHER_3DES, -1, -1 }, { "arcfour", CIPHER_ARCFOUR, -1, -1 }, { "des", CIPHER_DES, -1, -1 } }; @@ -696,7 +696,7 @@ void load_open_settings(void *sesskey, C } gppi(sesskey, "TCPNoDelay", 1, conf, CONF_tcp_nodelay); gppi(sesskey, "TCPKeepalives", 0, conf, CONF_tcp_keepalives); - gpps(sesskey, "TerminalType", "xterm", conf, CONF_termtype); + gpps(sesskey, "TerminalType", "linux", conf, CONF_termtype); gpps(sesskey, "TerminalSpeed", "38400,38400", conf, CONF_termspeed); if (!gppmap(sesskey, "TerminalModes", conf, CONF_ttymodes)) { /* This hardcodes a big set of defaults in any new saved @@ -783,10 +783,10 @@ void load_open_settings(void *sesskey, C gppi(sesskey, "PassiveTelnet", 0, conf, CONF_passive_telnet); gppi(sesskey, "BackspaceIsDelete", 1, conf, CONF_bksp_is_delete); gppi(sesskey, "RXVTHomeEnd", 0, conf, CONF_rxvt_homeend); - gppi(sesskey, "LinuxFunctionKeys", 0, conf, CONF_funky_type); + gppi(sesskey, "LinuxFunctionKeys", 1, conf, CONF_funky_type); gppi(sesskey, "NoApplicationKeys", 0, conf, CONF_no_applic_k); gppi(sesskey, "NoApplicationCursors", 0, conf, CONF_no_applic_c); - gppi(sesskey, "NoMouseReporting", 0, conf, CONF_no_mouse_rep); + gppi(sesskey, "NoMouseReporting", 1, conf, CONF_no_mouse_rep); gppi(sesskey, "NoRemoteResize", 0, conf, CONF_no_remote_resize); gppi(sesskey, "NoAltScreen", 0, conf, CONF_no_alt_screen); gppi(sesskey, "NoRemoteWinTitle", 0, conf, CONF_no_remote_wintitle); @@ -806,9 +806,9 @@ void load_open_settings(void *sesskey, C gppi(sesskey, "ApplicationKeypad", 0, conf, CONF_app_keypad); gppi(sesskey, "NetHackKeypad", 0, conf, CONF_nethack_keypad); gppi(sesskey, "AltF4", 1, conf, CONF_alt_f4); - gppi(sesskey, "AltSpace", 0, conf, CONF_alt_space); + gppi(sesskey, "AltSpace", 1, conf, CONF_alt_space); gppi(sesskey, "AltOnly", 0, conf, CONF_alt_only); - gppi(sesskey, "ComposeKey", 0, conf, CONF_compose_key); + gppi(sesskey, "ComposeKey", 1, conf, CONF_compose_key); gppi(sesskey, "CtrlAltKeys", 1, conf, CONF_ctrlaltkeys); gppi(sesskey, "TelnetKey", 0, conf, CONF_telnet_keyboard); gppi(sesskey, "TelnetRet", 1, conf, CONF_telnet_newline); @@ -816,12 +816,12 @@ void load_open_settings(void *sesskey, C gppi(sesskey, "LocalEdit", AUTO, conf, CONF_localedit); gpps(sesskey, "Answerback", "PuTTY", conf, CONF_answerback); gppi(sesskey, "AlwaysOnTop", 0, conf, CONF_alwaysontop); - gppi(sesskey, "FullScreenOnAltEnter", 0, conf, CONF_fullscreenonaltenter); + gppi(sesskey, "FullScreenOnAltEnter", 1, conf, CONF_fullscreenonaltenter); gppi(sesskey, "HideMousePtr", 0, conf, CONF_hide_mouseptr); gppi(sesskey, "SunkenEdge", 0, conf, CONF_sunken_edge); gppi(sesskey, "WindowBorder", 1, conf, CONF_window_border); - gppi(sesskey, "CurType", 0, conf, CONF_cursor_type); - gppi(sesskey, "BlinkCur", 0, conf, CONF_blink_cur); + gppi(sesskey, "CurType", 1, conf, CONF_cursor_type); + gppi(sesskey, "BlinkCur", 1, conf, CONF_blink_cur); /* pedantic compiler tells me I can't use conf, CONF_beep as an int * :-) */ gppi(sesskey, "Beep", 1, conf, CONF_beep); gppi(sesskey, "BeepInd", 0, conf, CONF_beep_ind); @@ -855,10 +855,10 @@ void load_open_settings(void *sesskey, C gppi(sesskey, "CRImpliesLF", 0, conf, CONF_crhaslf); gppi(sesskey, "DisableArabicShaping", 0, conf, CONF_arabicshaping); gppi(sesskey, "DisableBidi", 0, conf, CONF_bidi); - gppi(sesskey, "WinNameAlways", 1, conf, CONF_win_name_always); + gppi(sesskey, "WinNameAlways", 0, conf, CONF_win_name_always); gpps(sesskey, "WinTitle", "", conf, CONF_wintitle); gppi(sesskey, "TermWidth", 80, conf, CONF_width); - gppi(sesskey, "TermHeight", 24, conf, CONF_height); + gppi(sesskey, "TermHeight", 25, conf, CONF_height); gppfont(sesskey, "Font", conf, CONF_font); gppi(sesskey, "FontQuality", FQ_DEFAULT, conf, CONF_font_quality); gppi(sesskey, "FontVTMode", VT_UNICODE, conf, CONF_vtmode); @@ -870,11 +870,28 @@ void load_open_settings(void *sesskey, C for (i = 0; i < 22; i++) { static const char *const defaults[] = { - "187,187,187", "255,255,255", "0,0,0", "85,85,85", "0,0,0", - "0,255,0", "0,0,0", "85,85,85", "187,0,0", "255,85,85", - "0,187,0", "85,255,85", "187,187,0", "255,255,85", "0,0,187", - "85,85,255", "187,0,187", "255,85,255", "0,187,187", - "85,255,255", "187,187,187", "255,255,255" + "170,170,170", /* default foreground */ + "255,255,255", /* default bold foreground */ + "0,0,0", /* default background */ + "85,85,85", /* default bold background */ + "0,0,0", /* cursor text */ + "192,192,224", /* cursor color */ + "0,0,0", /* black */ + "85,85,85", /* black bold */ + "170,0,0", /* red */ + "255,0,0", /* red bold */ + "0,170,0", /* green */ + "0,255,0", /* green bold */ + "170,85,0", /* brown */ + "255,255,0", /* yellow bold */ + "0,0,170", /* blue */ + "0,0,255", /* blue bold */ + "170,0,170", /* magenta */ + "255,0,255", /* magenta bold */ + "0,170,170", /* cyan */ + "0,255,255", /* cyan bold */ + "170,170,170", /* white */ + "255,255,255", /* white bold */ }; char buf[20], *buf2; int c0, c1, c2; @@ -922,7 +939,7 @@ void load_open_settings(void *sesskey, C * The empty default for LineCodePage will be converted later * into a plausible default for the locale. */ - gpps(sesskey, "LineCodePage", "", conf, CONF_line_codepage); + gpps(sesskey, "LineCodePage", "UTF-8", conf, CONF_line_codepage); gppi(sesskey, "CJKAmbigWide", 0, conf, CONF_cjk_ambig_wide); gppi(sesskey, "UTF8Override", 1, conf, CONF_utf8_override); gpps(sesskey, "Printer", "", conf, CONF_printer); Index: putty-0.63/unix/gtkwin.c =================================================================== --- putty-0.63.orig/unix/gtkwin.c 2013-07-20 14:15:10.000000000 +0100 +++ putty-0.63/unix/gtkwin.c 2013-08-06 19:22:45.000000000 +0100 @@ -164,7 +164,7 @@ void connection_fatal(void *frontend, ch FontSpec *platform_default_fontspec(const char *name) { if (!strcmp(name, "Font")) - return fontspec_new("server:fixed"); + return fontspec_new("client:Monospace 14"); else return fontspec_new(""); } Index: putty-0.63/windows/windefs.c =================================================================== --- putty-0.63.orig/windows/windefs.c 2011-10-02 12:01:57.000000000 +0100 +++ putty-0.63/windows/windefs.c 2013-08-06 19:23:22.000000000 +0100 @@ -9,7 +9,7 @@ FontSpec *platform_default_fontspec(const char *name) { if (!strcmp(name, "Font")) - return fontspec_new("Courier New", 0, 10, ANSI_CHARSET); + return fontspec_new("Ludica Console", 0, 14, ANSI_CHARSET); else return fontspec_new("", 0, 0, 0); } ++++++ putty.keyring ++++++ pub 1024R/B41CAE29 2000-12-20 uid PuTTY Releases (RSA) <putty-b...@lists.tartarus.org> -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2.0.19 (GNU/Linux) mQCNAzpA2ZYAAAEEAKxRyqIqZxKktdbrPo/OUj/4ij+yNIC8oBTVNgt3+NcAgFKI lPxjRKkrNFMrmXPaKRLp8/TS5Z46nSgG44d58G/5clu7IVge2YlCpvoIfo3ute2U UbBvXCJFVK5ePhNzQX8nGibmejxo8wF5CShyifhmoyfd96cf9u85zMC0HK4pAAUR tDRQdVRUWSBSZWxlYXNlcyAoUlNBKSA8cHV0dHktYnVnc0BsaXN0cy50YXJ0YXJ1 cy5vcmc+iQCVAwUQOkDZlu85zMC0HK4pAQG7XQP6AlJiPCmN7PMz92LhqNbK4B1Y WtNCcDKz1wZZow2OrQW79SZ+I6RqWC/z/1YKIgYY30aE2UtY9OMUYlQ+I08rsYC4 hNxNY4JvyyP9AT7wiJlpvdWtD590Z5DYwdSTeZg8w0N3NvCJ6m3ivFHiEZuJcZjd cfPQziUxGjQi6HzG+sc= =18Fm -----END PGP PUBLIC KEY BLOCK----- -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org