Debian Package Tracker

general

source: putty (main)
version: 0.70-4
maintainer: Colin Watson [DMD] [LowNMU]
arch: all any
std-ver: 3.5.9
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.62-9+deb7u3
o-o-sec: 0.62-9+deb7u3
oldstable: 0.63-10+deb8u1
old-sec: 0.63-10+deb8u1
stable: 0.67-3
testing: 0.70-4
unstable: 0.70-4

versioned links

0.62-9+deb7u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.63-10+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.67-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.70-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

pterm
putty
putty-doc
putty-tools

action needed

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.2.1 instead of 3.5.9).

Created: 2014-08-21 Last update: 2018-08-26 08:17

AppStream hints: 2 errors high

AppStream found metadata issues for packages:

pterm: 1 error
putty: 1 error

You should get rid of them to provide more metadata about this software.

Created: 2018-06-04 Last update: 2018-06-04 02:27

3 bugs tagged patch in the BTS normal

The BTS contains patches fixing 3 bugs, consider including or untagging them.

Created: 2018-10-01 Last update: 2018-10-21 08:04

Depends on packages which need a new maintainer normal

The packages that putty depends on which need a new maintainer are:

dh-exec (#851746)
- Build-Depends: dh-exec

Created: 2017-12-02 Last update: 2018-10-21 06:44

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2018-07-27 Last update: 2018-10-21 04:06

4 new commits since last upload, time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 0.70-5, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 33b6370daad503ae68b55e84fded02ae40a4c520
Merge: c1ea00ba b34e1b4b
Author: Colin Watson <cjwatson@debian.org>
Date:   Sun Aug 12 23:38:40 2018 +0100

    Declare the explicit requirement for (fake)root
    
    See merge request ssh-team/putty!1

commit b34e1b4b68d6f1150ca0475e334d2038ddd587ca
Author: Niels Thykier <niels@thykier.net>
Date:   Sun Aug 12 18:22:14 2018 +0000

     Declare the explicit requirement for (fake)root
    
    The putty package currently requires (fake)root to produce the debs due to static non-root:root ownerships in the debs.

commit c1ea00ba73e02c358bfa034c2c7f3a3afed0c2d0
Author: Colin Watson <cjwatson@debian.org>
Date:   Sat Aug 4 23:40:06 2018 +0100

    Mark all binary packages Multi-Arch: foreign.

commit 9f82330c38629c24df741455144ce813c06ba472
Author: Colin Watson <cjwatson@debian.org>
Date:   Sat Jun 16 18:16:49 2018 +0100

    Chase Vcs-Git redirection

Created: 2018-06-17 Last update: 2018-10-20 21:56

lintian reports 5 warnings normal

Lintian reports 5 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2018-04-12 Last update: 2018-04-12 07:57

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

putty-doc could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2018-10-21 04:01

2 ignored security issues in jessie low

There are 2 open security issues in jessie.

2 issues skipped by the security teams:

CVE-2017-6542: The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow.
CVE-2016-2563: Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request.

Please fix them.

Created: 2016-03-06 Last update: 2018-06-02 08:03

news

[rss feed]

[2018-04-11] putty 0.70-4 MIGRATED to testing (Debian testing watch)
[2018-04-10] putty 0.70-4 MIGRATED to testing (Debian testing watch)
[2018-04-04] Accepted putty 0.70-4 (source) into unstable (Colin Watson)
[2018-04-03] Accepted putty 0.70-3 (source) into unstable (Colin Watson)
[2018-03-10] putty 0.70-2 MIGRATED to testing (Debian testing watch)
[2018-03-04] Accepted putty 0.70-2 (source) into unstable (Colin Watson)
[2017-07-13] putty 0.70-1 MIGRATED to testing (Debian testing watch)
[2017-07-08] Accepted putty 0.70-1 (source) into unstable (Colin Watson)
[2017-06-23] putty 0.69-2 MIGRATED to testing (Debian testing watch)
[2017-06-18] Accepted putty 0.69-2 (source) into unstable (Colin Watson)
[2017-04-29] Accepted putty 0.69-1 (source) into experimental (Colin Watson)
[2017-04-02] Accepted putty 0.68-2 (source) into experimental (Colin Watson)
[2017-04-02] Accepted putty 0.68-1 (source) into experimental (Colin Watson)
[2017-03-25] putty 0.67-3 MIGRATED to testing (Debian testing watch)
[2017-03-22] Accepted putty 0.67-3 (source) into unstable (Colin Watson)
[2016-03-24] putty 0.67-2 MIGRATED to testing (Debian testing watch)
[2016-03-18] Accepted putty 0.67-2 (source) into unstable (Colin Watson)
[2016-03-09] putty 0.67-1 MIGRATED to testing (Debian testing watch)
[2016-03-06] Accepted putty 0.67-1 (source) into unstable (Colin Watson)
[2016-02-11] putty 0.66-4 MIGRATED to testing (Debian testing watch)
[2016-02-05] Accepted putty 0.66-4 (source) into unstable (Colin Watson)
[2016-01-10] putty 0.66-3 MIGRATED to testing (Debian testing watch)
[2016-01-04] Accepted putty 0.66-3 (source) into unstable (Colin Watson)
[2015-12-22] Accepted putty 0.62-9+deb7u3 (source amd64 all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Colin Watson)
[2015-12-04] Accepted putty 0.63-10+deb8u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Colin Watson)
[2015-11-30] putty 0.66-2 MIGRATED to testing (Britney)
[2015-11-24] Accepted putty 0.66-2 (source) into unstable (Colin Watson)
[2015-11-24] Accepted putty 0.60+2010-02-20-1+squeeze4 (all source) into squeeze-lts (Ben Hutchings)
[2015-11-10] putty 0.66-1 MIGRATED to testing (Britney)
[2015-11-07] Accepted putty 0.66-1 (source amd64 all) into unstable (Colin Watson)

bugs [bug history graph]

all: 26 27
RC: 0
I&N: 18 19
M&W: 8
F&P: 0
patch: 3

links

homepage
lintian (0, 5)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.70-4
23 bugs (1 patch)