PuTTY 0.71 Remote Networking for PC Windows
更新細節:
Security fixes found by an EU-funded bug bounty programme:
a remotely triggerable memory overwrite in RSA key exchange, which can occur before host key verification
potential recycling of random numbers used in cryptography
on Windows, hijacking by a malicious help file in the same directory as the executable
on Unix, remotely triggerable buffer overflow in any kind of server-to-client forwarding
multiple denial-of-service attacks that can be triggered by writing to the terminal
Other security enhancements: major rewrite of the crypto code to remove cache and timing side channels.
User interface changes to protect against fake authentication prompts from a malicious server.
We now provide pre-built binaries for Windows on Arm.
Hardware-accelerated versions of the most common cryptographic primitives: AES, SHA-256, SHA-1.
GTK PuTTY now supports non-X11 displays (e.g. Wayland) and high-DPI configurations.
Type-ahead now works as soon as a PuTTY window is opened: keystrokes typed before authentication has finished will be buffered instead of being dropped.
Support for GSSAPI key exchange: an alternative to the older GSSAPI authentication system which can keep your forwarded Kerberos credentials updated during a long session.
More choices of user interface for clipboard handling.
New terminal features: support the REP escape sequence (fixing an ncurses screen redraw failure), true colour, and SGR 2 dim text.
Pressing Ctrl+Shift+PgUp or Ctrl+Shift+PgDn now takes you straight to the top or bottom of the terminal scrollback.
版本下載:PuTTY 0.71 Remote Networking for PC Windows
PuTTY 0.70
更新細節:
Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory, even a name we missed when we thought we'd fixed this in 0.69.
Windows PuTTY should be able to print again, after our DLL hijacking defenses broke that functionality.
Windows PuTTY should be able to accept keyboard input outside the current code page, after our DLL hijacking defenses broke that too.
版本下載:PuTTY 0.70
PuTTY 0.70 Remote Networking for PC Windows
更新細節:
Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory, even a name we missed when we thought we'd fixed this in 0.69.
Windows PuTTY should be able to print again, after our DLL hijacking defenses broke that functionality.
Windows PuTTY should be able to accept keyboard input outside the current code page, after our DLL hijacking defenses broke that too.
版本下載:PuTTY 0.70 Remote Networking for PC Windows
PuTTY 0.69
更新細節:
Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory, even the names we missed when we thought we'd fixed this in 0.68.
Windows PuTTY should work with MIT Kerberos again, after our DLL hijacking defences broke it.
Jump lists should now appear again on the PuTTY shortcut in the Windows Start Menu.
You can now explicitly configure SSH terminal mode settings not to be sent to the server, if your server objects to them.
版本下載:PuTTY 0.69
PuTTY 0.68
更新細節:
- Security fix: an integer overflow bug in the agent forwarding code.
- Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory (on versions of Windows where they previously were).
- Windows PuTTY no longer sets a restrictive process ACL by default, because this turned out to inconvenience too many legitimate applications such as NVDA and TortoiseGit. You can still manually request a restricted ACL using the command-line option -restrict-acl.
- The Windows PuTTY tools now come in a 64-bit version.
- The Windows PuTTY tools now have Windows's ASLR and DEP security features turned on.
- Support for elliptic-curve cryptography (the NIST curves and 25519), for host keys, user authentication keys, and key exchange.
- Support for importing and exporting OpenSSH's new private key format.
- Host key preference policy change: PuTTY prefers host key formats for which it already knows the key.
- Run-time option (from the system menu / Ctrl-right-click menu) to retrieve other host keys from the same server (which cross-certifies them using the session key established using an already-known key) and add them to the known host-keys database.
- The Unix GUI PuTTY tools can now be built against GTK 3.
- There is now a Unix version of Pageant.
版本下載:PuTTY 0.68
PuTTY 0.67 Beta
HWiNFO 5.22
Icecream PDF Split&Merge 3.0
更新細節:
- Use Windows context menu to add PDF files for splitting or merging.
- Set permissions, password, meta for output files both in "Split" and "Merge" modes.
- Select certain pages or page ranges of files to be merged in “Merge” mode.
- Easy sorting of split PDF files due to their new naming.
- Compress output PDF files.
- Version of the program is now visible on loading screen.
- Several GUI bug fixes.
版本下載:Icecream PDF Split&Merge 3.0
PuTTY 0.66 Beta
更新細節:
- Fixes a security hole in 0.65 and before: vuln-ech-overflow. It also contains a few other small bug fixes and minor features.
版本下載:PuTTY 0.66 Beta
PuTTY 0.65 Beta
更新細節:
- Fixes the Vista bug where the configuration dialog became invisible, and a few other bugs, large and small.
版本下載:PuTTY 0.65 Beta
PuTTY 0.64 Beta
更新細節:
- Security fix: PuTTY no longer retains the private half of users' keys in memory by mistake after authenticating with them. See private-key-not-wiped-2. (Sorry! We thought we'd fixed that in 0.63, but missed one.)
- Support for SSH connection sharing, so that multiple instances of PuTTY to the same host can share a single SSH connection instead of all having to log in independently.
- Command-line and configuration option to specify the expected host key(s).
- Defaults change: PuTTY now defaults to SSH-2 only, instead of its previous default of SSH-2 preferred.
- Local socket errors in port-forwarded connections are now recorded in the PuTTY Event Log.
- Bug fix: repeat key exchanges in the middle of an SSH session now never cause an annoying interactive host key prompt.
- Bug fix: reset the bolded-text default setting back to what it used to be. (0.63 set it to something wrong, as a side effect of refactoring.)
- Bug fix: IPv6 literals are handled sensibly throughout the suite, if you enclose them in square brackets to prevent the colons being mistaken for a :port suffix.
- Bug fix: IPv6 dynamic port forwardings should work again.
版本下載:PuTTY 0.64 Beta
PuTTY 0.63 Beta
更新細節:
- Security fix: prevent a nefarious SSH server or network attacker from crashing PuTTY at startup in three different ways by presenting a maliciously constructed public key and signature.
- Security fix: PuTTY no longer retains the private half of users' keys in memory by mistake after authenticating with them.
- Revamped the internal configuration storage system to remove all fixed arbitrary limits on string lengths. In particular, there should now no longer be an unreasonably small limit on the number of port forwardings PuTTY can store.
- Port-forwarded TCP connections which close one direction before the other should now be reliably supported, with EOF propagated independently in the two directions. This also fixes some instances of port-forwarding data corruption (if the corruption consisted of losing data from the very end of the connection) and some instances of PuTTY failing to close when the session is over (because it wrongly thought a forwarding channel was still active when it was not).
- The terminal emulation now supports xterm's bracketed paste mode (allowing aware applications to tell the difference between typed and pasted text, so that e.g. editors need not apply inappropriate auto-indent).
- You can now choose to display bold text by both brightening the foreground colour and changing the font, not just one or the other.
- PuTTYgen will now never generate a 2047-bit key when asked for 2048 (or more generally n−1 bits when asked for n).
- Some updates to default settings: PuTTYgen now generates 2048-bit keys by default (rather than 1024), and PuTTY defaults to UTF-8 encoding and 2000 lines of scrollback (rather than ISO 8859-1 and 200).
- Unix: PSCP and PSFTP now preserve the Unix file permissions, on copies in both directions.
- Unix: dead keys and compose-character sequences are now supported.
- Unix: PuTTY and pterm now permit font fallback (where glyphs not present in your selected font are automatically filled in from other fonts on the system) even if you are using a server-side X11 font rather than a Pango client-side one.
- Bug fixes too numerous to list, mostly resulting from running the code through Coverity Scan which spotted an assortment of memory and resource leaks, logic errors, and crashes in various circumstances.
版本下載:PuTTY 0.63 Beta
PuTTY 0.62 Beta
更新細節:
* Security fix: PuTTY no longer retains passwords in memory by mistake.
* Bug fix: Pageant now talks to both new-style clients (0.61 and above) and old-style (0.60 and below).
* Bug fix: PuTTY no longer prints a spurious "Access denied" message when GSSAPI authentication fails.
* Bug fix: PSCP and PSFTP now honour nonstandard port numbers in SSH saved sessions.
* Bug fix: Pageant no longer leaks a file handle when an authentication fails.
* Bug fix: PuTTYtel no longer crashes when saving a session.
* Bug fix: PuTTY now draws underlines under the underlined text instead of sometimes putting them somewhere off to the right.
* Bug fix: PuTTY now should not draw VT100 line drawing characters at the wrong vertical offset.
版本下載:PuTTY 0.62 Beta
PuTTY 0.61 Beta
更新細節:
* Kerberos/GSSAPI authentication in SSH-2.
* Local X11 authorisation support on Windows. (Unix already had it, of course.)
* Support for non-fixed-width fonts on Windows.
* GTK 2 support on Unix.
* Specifying the logical host name independently of the physical network address to connect to.
* Crypto and flow control optimisations.
* Support for the zlib@openssh.com SSH-2 compression method.
* Support for new Windows 7 UI features: Aero resizing and jump lists.
* Support for OpenSSH AES-encrypted private key files in PuTTYgen.
* Bug fix: handles OpenSSH private keys with primes in either order.
* Bug fix: corruption of port forwarding is fixed (we think).
* Bug fix: various crashes and hangs when exiting on failure,
* Bug fix: hang in the serial back end on Windows.
* Bug fix: Windows clipboard is now read asynchronously, in case of deadlock due to the clipboard owner being at the far end of the same PuTTY's network connection (either via X forwarding or via tunnelled rdesktop).
版本下載:PuTTY 0.61 Beta