Security fixes found by an EU-funded bug bounty programme: - a remotely triggerable memory overwrite in RSA key exchange, which can occur before host key verification - potential recycling of random numbers used in cryptography - on Windows, hijacking by a malicious help file in the same directory as the executable - on Unix, remotely triggerable buffer overflow in any kind of server-to-client forwarding - multiple denial-of-service attacks that can be triggered by writing to the terminal - Other security enhancements: major rewrite of the crypto code to remove cache and timing side channels - We now provide pre-built binaries for Windows on Arm - Hardware-accelerated versions of the most common cryptographic primitives: AES, SHA-256, SHA-1 - GTK PuTTY now supports non-X11 displays (e.g.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |