openSUSE Recommended Update: Recommended update for putty ______________________________________________________________________________ Announcement ID: openSUSE-RU-2020:1110-1 Rating: moderate References: #1173442 Affected Products: openSUSE Backports SLE-15-SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for putty fixes the following issues: putty was updated to release 0.74: * security fix: if an SSH server accepted an offer of a public key and then rejected the signature, PuTTY could access freed memory, if the key had come from an SSH agent. (boo#1173442) * Added a new configuration option to mitigate a minor information leak in SSH host key policy. This update was imported from the openSUSE:Leap:15.2:Update update project. Patch Instructions: To install this openSUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP2: zypper in -t patch openSUSE-2020-1110=1 Package List: - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64): putty-0.74-bp152.4.3.1 References: https://bugzilla.suse.com/1173442