putty - Debian Package Tracker

general

source: putty (main)
version: 0.76-2
maintainer: Colin Watson (DMD) (LowNMU)
arch: all any
std-ver: 3.5.9
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.67-3+deb9u1
o-o-sec: 0.67-3+deb9u1
oldstable: 0.70-6
stable: 0.74-1
testing: 0.76-2
unstable: 0.76-2

versioned links

0.67-3+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.70-6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.74-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.76-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

pterm (16 bugs: 0, 10, 6, 0)
putty (7 bugs: 0, 6, 1, 0)
putty-doc
putty-tools (2 bugs: 0, 1, 1, 0)

action needed

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 3.5.9).

Created: 2014-08-21 Last update: 2022-05-11 23:25

AppStream hints: 4 errors and 2 warnings high

AppStream found metadata issues for packages:

pterm: 2 errors and 1 warning
putty: 2 errors and 1 warning

You should get rid of them to provide more metadata about this software.

Created: 2018-06-04 Last update: 2022-01-21 06:05

3 bugs tagged patch in the BTS normal

The BTS contains patches fixing 3 bugs, consider including or untagging them.

Created: 2021-08-14 Last update: 2022-05-29 06:32

Depends on packages which need a new maintainer normal

The packages that putty depends on which need a new maintainer are:

dh-exec (#851746)
- Build-Depends: dh-exec

Created: 2019-11-22 Last update: 2022-05-29 06:02

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 0.76-3, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 5a2ae87206ea539e1daaf9c7ba40ec6bfb22b8e6
Author: Colin Watson <cjwatson@debian.org>
Date:   Wed Dec 29 02:49:11 2021 +0000

    Simplify some debhelper overrides slightly

commit 0f080b209cf73104afd8d0eae5889cba10aa5bd8
Author: Colin Watson <cjwatson@debian.org>
Date:   Wed Dec 29 00:12:28 2021 +0000

    Use dh_installalternatives

Created: 2021-12-29 Last update: 2022-05-28 04:09

lintian reports 4 warnings normal

Lintian reports 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2021-09-06 Last update: 2022-01-01 04:34

2 low-priority security issues in buster low

There are 2 open security issues in buster.

2 issues left for the package maintainer to handle:

CVE-2020-14002: (needs triaging) PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client).
CVE-2021-36367: (needs triaging) PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt (that the attacker can use to capture credential data, and use that data for purposes that are undesired by the client user).

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2021-12-26 05:02

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2021-36367: (needs triaging) PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt (that the attacker can use to capture credential data, and use that data for purposes that are undesired by the client user).

You can find information about how to handle this issue in the security team's documentation.

Created: 2021-08-14 Last update: 2021-12-26 05:02

news

[rss feed]

[2021-12-26] putty 0.76-2 MIGRATED to testing (Debian testing watch)
[2021-12-21] Accepted putty 0.76-2 (source) into unstable (Colin Watson)
[2021-08-21] putty 0.76-1 MIGRATED to testing (Debian testing watch)
[2021-08-16] putty 0.75-3 MIGRATED to testing (Debian testing watch)
[2021-08-15] Accepted putty 0.76-1 (source) into unstable (Colin Watson)
[2021-07-10] Accepted putty 0.75-3 (source) into unstable (Colin Watson)
[2021-06-02] Accepted putty 0.75-2 (source) into unstable (Colin Watson)
[2021-05-09] Accepted putty 0.75-1 (source) into unstable (Colin Watson)
[2020-07-02] putty 0.74-1 MIGRATED to testing (Debian testing watch)
[2020-06-27] Accepted putty 0.74-1 (source) into unstable (Colin Watson)
[2020-05-14] putty 0.73-3 MIGRATED to testing (Debian testing watch)
[2020-05-08] Accepted putty 0.73-3 (source) into unstable (Colin Watson)
[2020-04-10] putty 0.73-2 MIGRATED to testing (Debian testing watch)
[2020-04-05] Accepted putty 0.73-2 (source) into unstable (Colin Watson)
[2019-10-05] putty 0.73-1 MIGRATED to testing (Debian testing watch)
[2019-09-29] Accepted putty 0.73-1 (source) into unstable (Colin Watson)
[2019-09-06] putty 0.72-2 MIGRATED to testing (Debian testing watch)
[2019-08-31] Accepted putty 0.72-2 (source) into unstable (Colin Watson)
[2019-07-28] putty 0.72-1 MIGRATED to testing (Debian testing watch)
[2019-07-23] Accepted putty 0.72-1 (source) into unstable (Colin Watson)
[2019-04-24] Accepted putty 0.63-10+deb8u2 (source amd64 all) into oldstable (Thorsten Alteholz)
[2019-04-04] Accepted putty 0.67-3+deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Colin Watson)
[2019-04-03] Accepted putty 0.67-3+deb9u1 (source) into stable->embargoed, stable (Colin Watson)
[2019-03-27] putty 0.70-6 MIGRATED to testing (Debian testing watch)
[2019-03-20] Accepted putty 0.71-1 (source) into experimental (Colin Watson)
[2019-03-17] Accepted putty 0.70-6 (source) into unstable (Colin Watson)
[2018-11-03] putty 0.70-5 MIGRATED to testing (Debian testing watch)
[2018-10-28] Accepted putty 0.70-5 (source) into unstable (Colin Watson)
[2018-04-11] putty 0.70-4 MIGRATED to testing (Debian testing watch)
[2018-04-10] putty 0.70-4 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 25 26
RC: 0
I&N: 17 18
M&W: 8
F&P: 0
patch: 3

links

homepage
lintian (0, 4)
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.76-2
25 bugs (1 patch)