Fedora Linux 8797 Published by

A putty security update is available for Fedora Linux 40:

[SECURITY] Fedora 40 Update: putty-0.81-1.fc40




[SECURITY] Fedora 40 Update: putty-0.81-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-d85c1f7450
2024-08-20 01:31:27.523900
--------------------------------------------------------------------------------

Name : putty
Product : Fedora 40
Version : 0.81
Release : 1.fc40
URL : http://www.chiark.greenend.org.uk/~sgtatham/putty/
Summary : SSH, Telnet and Rlogin client
Description :
Putty is a SSH, Telnet & Rlogin client - this time for Linux.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2024-31497.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 17 2024 Jaroslav Škarvada - 0.81-1
- New version
Resolves: rhbz#2275179
- Fixed vulnerability allowing recovery of NIST P-521 private keys
Resolves: CVE-2024-31497
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2275183 - CVE-2024-31497 putty: secret key recovery of NIST P-521 private keys through biased ECDSA nonces in putty client
https://bugzilla.redhat.com/show_bug.cgi?id=2275183
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-d85c1f7450' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------