Source: putty Version: 0.63-10 Severity: grave Tags: security upstream patch Justification: user security hole
Hi, the following vulnerability was published for putty. CVE-2017-6542[0]: |integer overflow permits memory overwrite by forwarded ssh-agent |connections If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-6542 [1] http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html [2] https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=4ff22863d895cb7ebfced4cf923a012a614adaa8 Regards, Salvatore
