openSUSE Recommended Update: Recommended update for putty ______________________________________________________________________________ Announcement ID: openSUSE-RU-2020:1058-1 Rating: moderate References: #1173442 Affected Products: openSUSE Leap 15.2 openSUSE Leap 15.1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for putty fixes the following issues: putty was updated to release 0.74: * security fix: if an SSH server accepted an offer of a public key and then rejected the signature, PuTTY could access freed memory, if the key had come from an SSH agent. (boo#1173442) * Added a new configuration option to mitigate a minor information leak in SSH host key policy. Patch Instructions: To install this openSUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2020-1058=1 - openSUSE Leap 15.1: zypper in -t patch openSUSE-2020-1058=1 Package List: - openSUSE Leap 15.2 (x86_64): putty-0.74-lp152.2.3.1 putty-debuginfo-0.74-lp152.2.3.1 putty-debugsource-0.74-lp152.2.3.1 - openSUSE Leap 15.1 (x86_64): putty-0.74-lp151.3.9.1 putty-debuginfo-0.74-lp151.3.9.1 putty-debugsource-0.74-lp151.3.9.1 References: https://bugzilla.suse.com/1173442