SUSE alert openSUSE-SU-2026:20851-1 (putty)
| From: | null@suse.de | |
| To: | security-announce@lists.opensuse.org | |
| Subject: | openSUSE-SU-2026:20851-1: important: Security update for putty | |
| Date: | Mon, 01 Jun 2026 17:51:43 +0200 | |
| Message-ID: | <20260601155143.75E72FCE7@maintenance.suse.de> | |
| Archive-link: | Article |
openSUSE security update: security update for putty ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20851-1 Rating: important Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves various issues can now be installed. Description: This update for putty fixes the following issues: Changes in putty: - Update to release 0.84 * Fixed a remotely triggerable double-free in RSA key exchange. * Fixed a remotely triggerable crash (assertion failure - program termination) in NIST ECDSA signature verification. * Fixed marking of Telnet and Rlogin session data with a trust sigil after you authenticated to a proxy (possibly allowing a server to spoof a repeat proxy password prompt). * New ability to run a specified command before starting the connection, e.g. to perform wake-on-LAN or a port knock. * Display 'pre-edit text', showing the progress of using multiple keystrokes to compose a single Unicode character. * Improved support for to running the GUI tools on Wayland (fixed startup issues and tuned performance). * Configuring a SSH certificate authority used to fail unless you manually made a config directory, now fixed. * Fixed a spurious "Network error: Socket is not connected" when authenticating to some HTTP proxies. Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-packagehub-281=1 Package List: - openSUSE Leap 16.0: putty-0.84-bp160.1.1