notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
non port: security/putty/Makefile

Number of commits found: 87

Tuesday, 16 Apr 2024
06:38 Matthias Andree (mandree) search for other commits by this committer
security/putty: SECURITY update to 0.81

This fixes a vulnerability where NIST P521 ecdsa-sha2-nistp521 (only!)
keys can be recovered easily because signature generation in PuTTY used
a biased random number generator.

MFH:		2024Q2
Security:       080936ba-fbb7-11ee-abc8-6960f2492b1d
Security:       CVE-2024-31497
commit hash: f8f9196ec1aa3e62b7e89d1630f4a61711737ffa commit hash: f8f9196ec1aa3e62b7e89d1630f4a61711737ffa commit hash: f8f9196ec1aa3e62b7e89d1630f4a61711737ffa commit hash: f8f9196ec1aa3e62b7e89d1630f4a61711737ffa f8f9196
Saturday, 23 Dec 2023
18:14 Nuno Teixeira (eduardo) search for other commits by this committer
*/*: Bump consumers of x11-toolkits/gtk30

New version of gtk3 in tree
commit hash: 3572ca3e01dedf1fe5b3776bd164e123252f5ef5 commit hash: 3572ca3e01dedf1fe5b3776bd164e123252f5ef5 commit hash: 3572ca3e01dedf1fe5b3776bd164e123252f5ef5 commit hash: 3572ca3e01dedf1fe5b3776bd164e123252f5ef5 3572ca3
Tuesday, 19 Dec 2023
22:24 Matthias Andree (mandree) search for other commits by this committer
security/putty: security update → 0.80 to fix Terrapin vulnerability

Note this requires the server side to also add the protocol extension.

Security:	91955195-9ebb-11ee-bc14-a703705db3a6
Security:	CVE-2023-48795
Changelog:	https://lists.tartarus.org/pipermail/putty-announce/2023/000037.html
MFH:		2023Q4
commit hash: f9007a580563292af2d4ad675a6b414d26096438 commit hash: f9007a580563292af2d4ad675a6b414d26096438 commit hash: f9007a580563292af2d4ad675a6b414d26096438 commit hash: f9007a580563292af2d4ad675a6b414d26096438 f9007a5
Sunday, 27 Aug 2023
12:46 Matthias Andree (mandree) search for other commits by this committer
security/putty: update → 0.79

ChangeLog: 	https://lists.tartarus.org/pipermail/putty-announce/2023/000036.html
MFH:		2023Q3
commit hash: 51b6c68f5d73369f070c9131461a5f7b5972e00b commit hash: 51b6c68f5d73369f070c9131461a5f7b5972e00b commit hash: 51b6c68f5d73369f070c9131461a5f7b5972e00b commit hash: 51b6c68f5d73369f070c9131461a5f7b5972e00b 51b6c68
Thursday, 2 Mar 2023
05:23 Tobias C. Berner (tcberner) search for other commits by this committer
accessibility/at-spi2-core: update to 2.46.0

What's new in at-spi2-core 2.46.0:
* Fix GetInterfaces documentation on org.a11y.atspi.Accessible
  interface.

What's new in at-spi2-core 2.45.91:
* Send device event controller events using the same signature as other
  events.
* Document the Accessible, Action, and Cache dbus interfaces.
* Fix license of atspi-gmain.c (#87).

What's new in at-spi2-core 2.45.90:
* xml: Add some documentation.
* xml: Fix event arguments.
* xml: Add some missing DeviceEventController methods.
* Bind the AT-SPI bus to the graphical session.
* Mark bus service as belonging to the session slice.
* Add ATSPI_ROLE_PUSH_BUTTON_MENU.
* Add an "announcement" event/signal to allow objects to send
  notifications (!63).
* Various code clean-ups and test improvements.

What's new in at-spi2-core 2.45.1:
* Atk and at-spi2-atk are now merged into this project.
* Now requires meson 0.56.2 and glib 2.67.4.
* at-spi2-atk: Expose the accessible hierarchy via dbus introspection.
* Properly escape the AT-SPI bus address; fixes warnings about the address
  not containing a colon (!55).
* Add a text value to AtspiValue, so that a value can expose a textual
  description, as in the new Atk value API.
* Add atspi_event_listener_register_with_app, to allow an event listener
  to be registered only for a given application (!52).

- accessibility/atk and accessibility/at-spi2-atk have been merged into
  accessibility/at-spi2-core

- accessibility/at-spi2-core: bump consumers of removed ports atk and
at-spi2-atk

PR:		269704
Exp-run by:	antoine
---
commit hash: fa81a4f5f8ed2bc2104eca4ebbb1b69731bae2e8 commit hash: fa81a4f5f8ed2bc2104eca4ebbb1b69731bae2e8 commit hash: fa81a4f5f8ed2bc2104eca4ebbb1b69731bae2e8 commit hash: fa81a4f5f8ed2bc2104eca4ebbb1b69731bae2e8 fa81a4f
Saturday, 29 Oct 2022
19:15 Matthias Andree (mandree) search for other commits by this committer
security/putty: update to 0.78 release

FreeBSD relevant changes since 20221023 snapshot:

* f9a8213d 2022-10-29 | Docs: add a 'pdf' cmake target. (origin/main,
origin/HEAD) [Jacob Nevins]
* 4ff82ab2 2022-10-28 | Update version number for 0.78 release. (tag: 0.78)
[Simon Tatham]
* 475c2387 2022-10-28 | Unix: stop accessing ctrl->fileselect for font
selectors. [Simon Tatham]
* 329a4cdd 2022-10-24 | authplugin-example.py: Flush stderr. [Jacob Nevins]
* 538c8fd2 2022-10-24 | authplugin-example.py: Mention documentation. [Jacob
Nevins]
* a7106d8e 2022-10-23 | Add missing initialisation of term->osc_strlen. [Simon
Tatham]
* bdb3ac9f 2022-10-23 | Restrict -pwfile / -pw to apply to server prompts only.
[Simon Tatham]
* 2fbb9284 2022-10-23 | Fix outdated comment relating to -pw. [Jacob Nevins]
* f7e86ca2 2022-10-22 | README: remove mention of doc/Makefile. [Jacob Nevins]
* f229aab2 2022-10-23 | Rewrap a paragraph in README. [Jacob Nevins]

MFH:		2022Q4 (after 10 days)

According to Simon, he caught this assertion error in the act,
and 475c2387 should fix
PR:		267253
commit hash: a4d049c425af9241685bdc1ccae7f5aa29c42e85 commit hash: a4d049c425af9241685bdc1ccae7f5aa29c42e85 commit hash: a4d049c425af9241685bdc1ccae7f5aa29c42e85 commit hash: a4d049c425af9241685bdc1ccae7f5aa29c42e85 a4d049c
Sunday, 23 Oct 2022
10:25 Matthias Andree (mandree) search for other commits by this committer
security/putty: update to snapshot 20221023

FreeBSD-relevant changes since previous snapshot:
* 75ac4443 2022-10-22 | Document subdomain matching of cert expr wildcards.
[Jacob Nevins]
* 500568d2 2022-10-22 | Docs: fix trivial typo from 6472f7fc77. [Jacob Nevins]
* 5f3b743e 2022-10-21 | Tweak certified-host-key prompt. [Jacob Nevins]
* bb1ebc9b 2022-10-21 | Docs: tweak certified-host-key warning responses. [Jacob
Nevins]
* 5716c638 2022-10-21 | Docs: cross-reference host-key warning sections. [Jacob
Nevins]
* 8c534c26 2022-10-21 | Docs: note "wrong host key" warning is stronger. [Jacob
Nevins]
* 1d1d81d6 2022-10-21 | Fix regressions in Gtk host key "More info". [Jacob
Nevins]
* dc9ab5e0 2022-10-21 | Rename NTRU Prime / Curve25519 kex in UI. [Jacob Nevins]
* 6472f7fc 2022-10-21 | Docs: update Pageant key list description. [Jacob
Nevins]
* 5d5a6a8f 2022-10-21 | Docs: MD5 is forced for SSH-1 key fingerprints. [Jacob
Nevins]
* d4298308 2022-10-21 | Docs: prime generation defaults are usually fine. [Jacob
Nevins]
* 2b5b7b5c 2022-10-21 | Docs: note warning about <2048-bit RSA/DSA keys. [Jacob
Nevins]
* 617bf732 2022-10-21 | Docs: PuTTYgen: fix gratuitous exclusion of PSFTP.
[Jacob Nevins]
* 11950739 2022-10-21 | Docs: add index alias for "ECDSA". [Jacob Nevins]
* 4af8a585 2022-10-20 | cmdgen: Fix docs and usage messages. [Jacob Nevins]
* 68c97fb2 2022-10-19 | Fix installing man pages from our tarballs. [Jacob
Nevins]
* 2222cd10 2022-10-12 | AES-GCM NEON: cope with missing vaddq_p128. [Simon
Tatham]

While here, fix PORTVERSION->DISTVERSION to get rid of the tilde
that confuses pkg(8).

And while it may not fix the issue, I still want this commit log
to appear in
PR:		267253
commit hash: 765de7a6ce543a53566a43544c07db2e2686e0df commit hash: 765de7a6ce543a53566a43544c07db2e2686e0df commit hash: 765de7a6ce543a53566a43544c07db2e2686e0df commit hash: 765de7a6ce543a53566a43544c07db2e2686e0df 765de7a
Wednesday, 12 Oct 2022
20:14 Matthias Andree (mandree) search for other commits by this committer
security/putty: fix ARM NEON AES-GCM code

Cherry-pick a test patch from upstream maintainer:

- this uses fallback code for compilers not providing vaddq_p128
  (f.i. clang-10 on FreeBSD 12.3 AMD64/aarch64)
- and uses vaddq_p128 on systems that provide it, for instance,
  FreeBSD 13-STABLE AMD64/aarch64 with clang 14.0.5

Obtained from:	Simon Tatham
MFH:		2022Q4
commit hash: 1632d93d92d9ba58401834a571ba89860963a171 commit hash: 1632d93d92d9ba58401834a571ba89860963a171 commit hash: 1632d93d92d9ba58401834a571ba89860963a171 commit hash: 1632d93d92d9ba58401834a571ba89860963a171 1632d93
Tuesday, 11 Oct 2022
22:17 Matthias Andree (mandree) search for other commits by this committer
security/putty: fix aarch64 build on clang 10.

clang 10 (FreeBSD 12.3) does not support vaddq_p128 and similar
ARM NEON intrinsics, but clang 13 (FreeBSD 13.1) does.

Abuse the HAVE_NEON_PMULL cmake test to disable aesgcm-neon.c
unless vaddq_p128() is available.

http://ampere1.nyi.freebsd.org/data/123arm64-quarterly/31229ca1324c/logs/putty-nogtk-0.78~pre20220922.log:
/wrkdirs/usr/ports/security/putty-nogtk/work/putty-0.78~pre20220922.9fcfd67/crypto/aesgcm-neon.c:125:16:
warning: implicit declaration of function 'vaddq_p128' is invalid in C99
[-Wimplicit-function-declaration]
	ctx->acc = vaddq_p128(ctx->acc, load_p128_be(coeff));
commit hash: 8fc6b69f47e7ee7da005f8b59fc10522d287740b commit hash: 8fc6b69f47e7ee7da005f8b59fc10522d287740b commit hash: 8fc6b69f47e7ee7da005f8b59fc10522d287740b commit hash: 8fc6b69f47e7ee7da005f8b59fc10522d287740b 8fc6b69
Thursday, 22 Sep 2022
19:01 Matthias Andree (mandree) search for other commits by this committer
security/putty: update to 0.78~pre20220922

This permits a FreeBSD build without patches; the two remaining
items are 1. avoiding the GSSAPI-related call into pkg-config because it
would not cover base-GSSAPI so we force the fallback to krb5-config
(which we control by way of ports/Mk/Uses/gssapi.mk), and
2. making sure PuTTY's build would not ascend directory hierarchy to
pick up our ports tree's Git information. We are only packaging
(pre-)release tarballs where we do not need to run Git.

Thanks to Simon Tatham, upstream maintainer, for issuing the
pre-releases and being very responsive and open to making the
build experience smooth for everyone.
commit hash: 5a7297ac38566336450df1f6c8a69a0c817778f8 commit hash: 5a7297ac38566336450df1f6c8a69a0c817778f8 commit hash: 5a7297ac38566336450df1f6c8a69a0c817778f8 commit hash: 5a7297ac38566336450df1f6c8a69a0c817778f8 5a7297a
06:04 Matthias Andree (mandree) search for other commits by this committer
security/putty: add Git patch to fix X11 inclusion

Pull in a fix from upstream's Git to avoid pulling in X11 headers
in no-GTK builds, so we can remove one more local workaround.
commit hash: 80d2d91271d91dbc2ea0e3199328206c4a983d5f commit hash: 80d2d91271d91dbc2ea0e3199328206c4a983d5f commit hash: 80d2d91271d91dbc2ea0e3199328206c4a983d5f commit hash: 80d2d91271d91dbc2ea0e3199328206c4a983d5f 80d2d91
Monday, 19 Sep 2022
17:29 Matthias Andree (mandree) search for other commits by this committer
security/putty: Update to pre20220919 + 2 Git patches

This allows us to remove all local patch files.
commit hash: 4872e1bf8eb07e7f2cae42145539e1166162dc33 commit hash: 4872e1bf8eb07e7f2cae42145539e1166162dc33 commit hash: 4872e1bf8eb07e7f2cae42145539e1166162dc33 commit hash: 4872e1bf8eb07e7f2cae42145539e1166162dc33 4872e1b
Sunday, 18 Sep 2022
13:01 Matthias Andree (mandree) search for other commits by this committer
security/putty: permanently remove GSSAPI_DYNAMIC

While it seems a nice idea to load the GSS provider library at run-time,
the existing search code hardwires library versions and only works
with krb5 (MIT Kerberos), and does not attempt to control library paths.

This sort of defeats the purpose, and we do not need a brittle
alternative for a robust GSSAPI_MIT.

So, drop the commented-out GSSAPI_DYNAMIC stuff from the Makefile.
commit hash: aeada4ef180dedba3e988f0ce5b0cd1c210e6220 commit hash: aeada4ef180dedba3e988f0ce5b0cd1c210e6220 commit hash: aeada4ef180dedba3e988f0ce5b0cd1c210e6220 commit hash: aeada4ef180dedba3e988f0ce5b0cd1c210e6220 aeada4e
12:08 Matthias Andree (mandree) search for other commits by this committer
security/putty: Pick right Kerberos version

Make sure that putty only compiles and links against the configured
static GSSAPI version, especially against base even if krb5 or heimdal
are installed.

To that end, hand down the right krb5-config executable,
and punch out pkg-config from the shipped unix.cmake.
commit hash: 11605adf4600c1f01617bd98f38a1b30a1ac99fc commit hash: 11605adf4600c1f01617bd98f38a1b30a1ac99fc commit hash: 11605adf4600c1f01617bd98f38a1b30a1ac99fc commit hash: 11605adf4600c1f01617bd98f38a1b30a1ac99fc 11605ad
11:42 Matthias Andree (mandree) search for other commits by this committer
security/putty*: clean up options and patches
commit hash: 7602a4002e7e273cd41c1fa879f7837f0b466816 commit hash: 7602a4002e7e273cd41c1fa879f7837f0b466816 commit hash: 7602a4002e7e273cd41c1fa879f7837f0b466816 commit hash: 7602a4002e7e273cd41c1fa879f7837f0b466816 7602a40
11:35 Matthias Andree (mandree) search for other commits by this committer
security/putty: upgrade to pre-release 0.78~pre20220916.e1b73f0

ChangeLog: https://lists.tartarus.org/pipermail/putty-announce/2022/000034.html

Please test this thoroughly and if you happen to have a Kerberos-
or GSSAPI-enabled SSH server, please give the maintainer feedback
whether GSSAPI works for you and which GSSAPI library you have
installed.
commit hash: 8b46420daadaf0c374278ab9e11e9eba069e834a commit hash: 8b46420daadaf0c374278ab9e11e9eba069e834a commit hash: 8b46420daadaf0c374278ab9e11e9eba069e834a commit hash: 8b46420daadaf0c374278ab9e11e9eba069e834a 8b46420
11:35 Matthias Andree (mandree) search for other commits by this committer
security/putty: Fix static GSSAPI solutions,

with a patch received from Simon Tatham, and mask GSSAPI_DYNAMIC
for now, because it is not working. Debugging going on, but let's
get GSSAPI working at all for now, and make GSSAPI_BASE the default.
commit hash: 41f892414e181e8938f18ba78ce54a6153d2739c commit hash: 41f892414e181e8938f18ba78ce54a6153d2739c commit hash: 41f892414e181e8938f18ba78ce54a6153d2739c commit hash: 41f892414e181e8938f18ba78ce54a6153d2739c 41f8924
Wednesday, 7 Sep 2022
21:10 Stefan Eßer (se) search for other commits by this committer
Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.

This commit implements such a proposal and moves one of the WWW: entries
of each pkg-descr file into the respective port's Makefile. A heuristic
attempts to identify the most relevant URL in case there is more than
one WWW: entry in some pkg-descr file. URLs that are not moved into the
Makefile are prefixed with "See also:" instead of "WWW:" in the pkg-descr
files in order to preserve them.

There are 1256 ports that had no WWW: entries in pkg-descr files. These
ports will not be touched in this commit.

The portlint port has been adjusted to expect a WWW entry in each port
Makefile, and to flag any remaining "WWW:" lines in pkg-descr files as
deprecated.

Approved by:		portmgr (tcberner)
commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52 commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52 commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52 commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52 b7f0544
10:26 Tobias C. Berner (tcberner) search for other commits by this committer
cleanup: remove trailing whitepaces
commit hash: b86221feeafaacbff38b27dd5999866460e3a67b commit hash: b86221feeafaacbff38b27dd5999866460e3a67b commit hash: b86221feeafaacbff38b27dd5999866460e3a67b commit hash: b86221feeafaacbff38b27dd5999866460e3a67b b86221f
Friday, 27 May 2022
23:20 Matthias Andree (mandree) search for other commits by this committer
security/putty: update to 0.77

PuTTY 0.77 changed its build system to cmake, and restructured the
source code, thus the patches were regenerated and updated.

As a consequence, GSSAPI_BASE no longer works because cmake wants
pkg-config and hence .pc files.

GSSAPI_HEIMDAL does not compile due to #define (&_foo) xxx.
Both GSSAPI_BASE and GSSAPI_HEIMDAL were disabled. Assistance solicited.

There is a new experimental GSSAPI_DYNAMIC which permits configuring the
GSS provider at run-time, which the package maintainer cannot test
for lack of Kerberized access somewhere. Feedback solicited.

Puttytel was removed upstream, Psusan was added, which is just the inner
SSH protocol layer. See its man page for details.

GTK2 remnants were removed. GTK is currently inseparable from X11,
message was sent to upstream maintainer to see if that is intentional.

Manual pages now install into ${PREFIX}/share/man/man1 (previous
versions of the port installed into ${PREFIX}/man/man1).

Upstream changes: see
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html

No MFH due to intrusive changes and removal of options.
commit hash: f3d4c381ab172f5266130f329d09f6eb279babfb commit hash: f3d4c381ab172f5266130f329d09f6eb279babfb commit hash: f3d4c381ab172f5266130f329d09f6eb279babfb commit hash: f3d4c381ab172f5266130f329d09f6eb279babfb f3d4c38
Tuesday, 23 Nov 2021
22:11 Stefan Eßer (se) search for other commits by this committer
*/*: Remove redundant '-[0-9]*' from CONFLICTS_INSTALL

The conflict checks compare the patterns first against the package
names without version (as reported by "pkg query "%n"), then - if
there was no match - agsinst the full package names including the
version (as reported by "pkg query "%n-%v").

Approved by: portmgr (blanket)
commit hash: 5933ac0b099d61d98eb531d373cf57a8927bc7af commit hash: 5933ac0b099d61d98eb531d373cf57a8927bc7af commit hash: 5933ac0b099d61d98eb531d373cf57a8927bc7af commit hash: 5933ac0b099d61d98eb531d373cf57a8927bc7af 5933ac0
Tuesday, 14 Sep 2021
10:55 Bernhard Froehlich (decke) search for other commits by this committer
security/putty: Fix CPE information because current one is deprecated

Approved by:    portmgr (blanket)
commit hash: 1ab5027227804eb941bf829231c438fb1eeca2b8 commit hash: 1ab5027227804eb941bf829231c438fb1eeca2b8 commit hash: 1ab5027227804eb941bf829231c438fb1eeca2b8 commit hash: 1ab5027227804eb941bf829231c438fb1eeca2b8 1ab5027
Sunday, 18 Jul 2021
08:49 Matthias Andree (mandree) search for other commits by this committer
security/putty: update to 0.76.

FreeBSD relevant changes per
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html

+ New option to abandon an SSH connection if the server allows you to
  authenticate in a trivial manner.
+ Bug fix: user colour-palette reconfiguration via 'Change Settings'
  were delayed-action.
+ Bug fix: server colour-palette reconfigurations were sometimes lost.
+ Bug fix: a tight loop could occur on reading a truncated private key
  file.
commit hash: 7807f3bad2cbeb019d5b53bda958a620e31683ac commit hash: 7807f3bad2cbeb019d5b53bda958a620e31683ac commit hash: 7807f3bad2cbeb019d5b53bda958a620e31683ac commit hash: 7807f3bad2cbeb019d5b53bda958a620e31683ac 7807f3b
Saturday, 8 May 2021
15:00 Matthias Andree (mandree) search for other commits by this committer
security/putty: update to 0.75

https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html

Deprecate -gtk2 version for Mid-December 2021.

Clean up a bit.
commit hash: 6b288be1e66ea83b1210a9bd2feac2359b76846a commit hash: 6b288be1e66ea83b1210a9bd2feac2359b76846a commit hash: 6b288be1e66ea83b1210a9bd2feac2359b76846a commit hash: 6b288be1e66ea83b1210a9bd2feac2359b76846a 6b288be
Wednesday, 7 Apr 2021
08:09 Mathieu Arnold (mat) search for other commits by this committer
One more small cleanup, forgotten yesterday.
Reported by:	lwhsu
commit hash: cf118ccf875508b9a1c570044c93cfcc82bd455c commit hash: cf118ccf875508b9a1c570044c93cfcc82bd455c commit hash: cf118ccf875508b9a1c570044c93cfcc82bd455c commit hash: cf118ccf875508b9a1c570044c93cfcc82bd455c cf118cc
Tuesday, 6 Apr 2021
14:31 Mathieu Arnold (mat) search for other commits by this committer
Remove # $FreeBSD$ from Makefiles.
commit hash: 305f148f482daf30dcf728039d03d019f88344eb commit hash: 305f148f482daf30dcf728039d03d019f88344eb commit hash: 305f148f482daf30dcf728039d03d019f88344eb commit hash: 305f148f482daf30dcf728039d03d019f88344eb 305f148
Wednesday, 1 Jul 2020
22:14 mandree search for other commits by this committer
security/putty*: take LICENCE file from extracted source,

...rather than copying it into $FILESDIR where it would require
maintenance.

Reported by:	danfe@
Original commitRevision:540995 
Sunday, 28 Jun 2020
13:59 mandree search for other commits by this committer
security/putty*: rename and update LICENCE from tarball.
Original commitRevision:540719 
13:55 mandree search for other commits by this committer
security/putty*: upgrade to 0.74 security fix release

Changelog:
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html

among them are these two---and more bugfixes beyond not listed here:

  * Security fix: if an SSH server accepted an offer of a public key
    and then rejected the signature, PuTTY could access freed memory,
    if the key had come from an SSH agent.

  * Security feature: new config option to disable PuTTY's dynamic
    host key preference policy, if you prefer to avoid giving away
    to eavesdroppers which hosts you have stored keys for.

MFH:		2020Q2
Security:       6190c0cd-b945-11ea-9401-2dcf562daa69
Security:       CVE-2020-14002
Security:       FZI-2020-5
Original commitRevision:540716 
Friday, 18 Oct 2019
15:58 mandree search for other commits by this committer
Update to upstream release 0.73 (security fixes)

Relevant changes taken from this...
ChangeLog:	https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html

* Security fix: in bracketed paste mode, the terminal escape sequences that
  should delimit the pasted data were appearing together on one side of it,
  making it possible to misidentify pasted data as manual keyboard input.
* Bug fix (possibly security-related): an SSH-1 server sending a disconnection
  message could cause an access to freed memory.
* Bug fix: tweaked terminal handling to prevent lost characters at the ends of
  lines in gcc's coloured error messages.
* Bug fix: removed a bad interaction between the 'clear scrollback' operation
  and mouse selection that could give rise to the dreaded "line==NULL"
  assertion box.

MFH:		2019Q4
Original commitRevision:514728 
Wednesday, 9 Oct 2019
12:20 bapt search for other commits by this committer
Drop the ipv6 virtual category for s* category as it is not relevant anymore
Original commitRevision:514144 
Saturday, 20 Jul 2019
16:16 mandree search for other commits by this committer
Security update to new upstream release 0.72.

Security fixes found by the EU-funded bug bounty:
- two separate vulnerabilities affecting the obsolete SSH-1 protocol, both
available before host key checking
- a vulnerability in all the SSH client tools (PuTTY, Plink, PSFTP and PSCP) if
a malicious program can impersonate Pageant

Changelog:	https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html

Switch off -DSTATIC_GSSAPI build as that produces non-working executables
(assertion failures). Bug has been reported upstream.

MFH:		2019Q3
Security:	5914705c-ab03-11e9-a4f9-080027ac955c
Original commitRevision:507001 
Tuesday, 26 Mar 2019
23:58 mandree search for other commits by this committer
Reinstate GSSAPI_NONE option.

Not bumping PORTREVISION as the default build is unaffected.

Obtained from:	Jacob Nevins, upstream Git commit 7ad08649
Original commitRevision:496930 
Sunday, 17 Mar 2019
14:17 mandree search for other commits by this committer
Update security/putty to 0.71 security fix release

Unfortunately, this new release breaks GSSAPI_NONE, which is removed
for now. Bug has been reported upstream.

Changelog: https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html

MFH:		2019Q1
Security:	46e1ece5-48bd-11e9-9c40-080027ac955c
Original commitRevision:496064 
Monday, 2 Apr 2018
21:29 mandree search for other commits by this committer
Reinstate support for GTK2 (rather than GTK3) as an OPTION.

While here, add a putty-gtk2 slave port and update _CONFLICTS.

Since the default package does not change, and pkg would handle conflicts
around attempted installation of the new -gtk2 package, omit the
PORTREVISION bump from Miroslav's original patch.

PR:		227200
Submitted by:	Miroslav Lachman
Original commitRevision:466267 
Sunday, 15 Oct 2017
14:05 madpilot search for other commits by this committer
Retire WITHOUT_DEBUG flag.

The flag has partial support across the tree, and the same effect
can be obtained by using ".undef WITH_DEBUG".

Reviewed by:		mat, rene
Approved by:		portmgr (rene)
Differential Revision:	https://reviews.freebsd.org/D12548
Original commitRevision:452147 
Friday, 11 Aug 2017
12:58 mandree search for other commits by this committer
Update to 0.70, and make GSSAPI impl. selectable.

PR:		220838
Submitted by:	cy@
Original commitRevision:447756 
Saturday, 13 May 2017
13:16 mandree search for other commits by this committer
security/putty: install icon and .desktop file

PR:		219095
Submitted by:	ehaupt@
Original commitRevision:440836 
Thursday, 4 May 2017
21:27 mandree search for other commits by this committer
Update to new upstream release 0.69.

Upstream change "You can now explicitly configure SSH terminal mode
settings not to be sent to the server, if your server objects to them."

Enable pageant, was missing from the 0.68 upgrade.

Switch to GTK3, no longer compiles with GTK2.

The security fixes contained in 0.69 are only good on Windows, so not
flagging this as a security update.
Original commitRevision:440116 
Thursday, 16 Mar 2017
23:39 mandree search for other commits by this committer
Update to new upstream release 0.68 (security fixes)

Additional minor updates on top of cy@'s patch (USE_GNOME, USE_XORG,
LDFLAGS).

ChangeLog: http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html

Submitted by:	cy@
MFH:		2017Q1
Security:	CVE-2017-6542
Security:	9b973e97-0a99-11e7-ace7-080027ef73ec
Differential Revision:	https://reviews.freebsd.org/D10023
Original commitRevision:436313 
Friday, 16 Dec 2016
20:30 mandree search for other commits by this committer
Add new putty-nogtk port as alternative SSH implementation.
Original commitRevision:428696 
Wednesday, 20 Jul 2016
15:33 mat search for other commits by this committer
Cleanup $() variables in ports Makefiles.

Mostly replace with ${}, but sometime, replace with $$() because it is
what was intended in the first place. (I think.)

Sponsored by:	Absolight
Original commitRevision:418840 
Monday, 7 Mar 2016
16:54 mandree search for other commits by this committer
Security upgrade to new upstream release 0.67.

Unix-relevant changes:
* Security fix: a buffer overrun in the old-style SCP protocol when receiving
  the header of each file downloaded from the server is fixed. (CVE-2016-2563)
* Assorted other robustness fixes for crashes and memory leaks.

MFH:		2016Q1
Security:	7f0fbb30-e462-11e5-a3f3-080027ef73ec
Security:	CVE-2016-2563
Original commitRevision:410527 
Monday, 23 Nov 2015
11:44 marino search for other commits by this committer
security/putty: Fix typo
Original commitRevision:402275 
11:42 marino search for other commits by this committer
security/putty: Fix krb5 dependency

Due to using both <bsd.port.pre.mk> and <bsd.port.options.mk>, the
USES+= gssapi:mit directive was ignored and not included in the build
dependency list.  Remove <pre>/<post> includes to fix.

Approved by:	mandree (maintainer)
Original commitRevision:402274 
Monday, 9 Nov 2015
09:18 mandree search for other commits by this committer
Update to new upstream release 0.66 (security fix).

Switch to USES=gssapi:mit.

Security:	CVE-2015-5309
Security:	0cb0afd9-86b8-11e5-bf60-080027ef73ec
Original commitRevision:401087 
Thursday, 15 Oct 2015
14:55 mat search for other commits by this committer
Drop 8 support.

With hat:	portmgr
Sponsored by:	Absolight
Differential Revision:	https://reviews.freebsd.org/D3694
Original commitRevision:399346 
Wednesday, 29 Jul 2015
22:57 mandree search for other commits by this committer
Update to new upstream bug-fix release 0.65

Release notes:
http://lists.tartarus.org/pipermail/putty-announce/2015/000021.html
Original commitRevision:393203 
Thursday, 14 May 2015
10:15 mat search for other commits by this committer
MASTER_SITES cleanup.

- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
  of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
  no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.

While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.

Also, replace some EXTRACT_SUFX occurences with USES=tar:*.

Checked by:	make fetch-urlall-list
With hat:	portmgr
Sponsored by:	Absolight
Original commitRevision:386312 
Friday, 6 Mar 2015
20:29 mandree search for other commits by this committer
Add CPE info.

PR:		198369
Submitted by:	shun.fbsd.pr@dropcut.net
Original commitRevision:380619 
Thursday, 5 Mar 2015
22:15 mandree search for other commits by this committer
Upgrade to upstream bugfix release 0.64.

This fixes a security bug, various other bugs, and supports SSH
connection sharing between multiple instances of PuTTY and its tools.

MFH:		2015Q1
Security:	92fc2e2b-c383-11e4-8ef7-080027ef73ec
Security:	CVE-2015-2157
Original commitRevision:380554 
Monday, 14 Jul 2014
18:42 bapt search for other commits by this committer
Modernize LIB_DEPENDS

With hat:	portmgr
Original commitRevision:361812 
Wednesday, 25 Jun 2014
05:35 bapt search for other commits by this committer
Convert GMAKE to MAKE_CMD
Please note that lots of invocation of MAKE_CMD here are wrong as they do not
properly respect MAKE_ENV and friends

With hat:	portmgr
Original commitRevision:359185 
Tuesday, 1 Oct 2013
14:53 mandree search for other commits by this committer
Support staging.
Original commitRevision:328955 
Friday, 20 Sep 2013
22:55 bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
security)
Original commitRevision:327769 
Thursday, 12 Sep 2013
00:21 marino search for other commits by this committer
Add explicit dependency on pkgconf (27 ports)
Original commitRevision:327018 
Wednesday, 7 Aug 2013
16:11 mandree search for other commits by this committer
Upgrade PuTTY to new 0.63 beta upstream release, adding vulnerability info.

Quoting the upstream's change log:

- Security fix: prevent a nefarious SSH server or network attacker from
  crashing PuTTY at startup in three different ways by presenting a maliciously
  constructed public key and signature.
- Security fix: PuTTY no longer retains the private half of users' keys in
  memory by mistake after authenticating with them.
- Revamped the internal configuration storage system to remove all fixed
  arbitrary limits on string lengths. In particular, there should now no longer
  be an unreasonably small limit on the number of port forwardings PuTTY can
  store.
- Port-forwarded TCP connections which close one direction before the other
  should now be reliably supported, with EOF propagated independently in the
  two directions. This also fixes some instances of port-forwarding data
  corruption (if the corruption consisted of losing data from the very end of
  the connection) and some instances of PuTTY failing to close when the session
  is over (because it wrongly thought a forwarding channel was still active
  when it was not).
- The terminal emulation now supports xterm's bracketed paste mode (allowing
  aware applications to tell the difference between typed and pasted text, so
  that e.g. editors need not apply inappropriate auto-indent).
- You can now choose to display bold text by both brightening the foreground
  colour and changing the font, not just one or the other.  - PuTTYgen will now
  never generate a 2047-bit key when asked for 2048 (or more generally n[?]1
bits
  when asked for n).
- Some updates to default settings: PuTTYgen now generates 2048-bit keys by
  default (rather than 1024), and PuTTY defaults to UTF-8 encoding and 2000
  lines of scrollback (rather than ISO 8859-1 and 200).
- Unix: PSCP and PSFTP now preserve the Unix file permissions, on copies in
  both directions.
- Unix: dead keys and compose-character sequences are now supported.
- Unix: PuTTY and pterm now permit font fallback (where glyphs not present in
  your selected font are automatically filled in from other fonts on the
  system) even if you are using a server-side X11 font rather than a Pango
  client-side one.
- Bug fixes too numerous to list, mostly resulting from running the code
  through Coverity Scan which spotted an assortment of memory and resource
  leaks, logic errors, and crashes in various circumstances.

Security:	4b448a96-ff73-11e2-b28d-080027ef73ec
Security:	CVE-2013-4206
Security:	CVE-2013-4207
Security:	CVE-2013-4208
Security:	CVE-2013-4852
Original commitRevision:324357 
Sunday, 6 Jan 2013
13:04 mandree search for other commits by this committer
Bump PORTREVISION, to get the ports rebuilt with ${CC}.
Original commitRevision:309981 
12:52 mandree search for other commits by this committer
- Convert to Options NG. Renames GTK option to GTK2 for consistency.
- Strip Makefile header.
- Make sure that the port build heeds ${CC}, passing it through MAKE_ARGS.
- Replace CC-is-clang specific -Wno-empty-body by unconditional -Wno-error.
- Remove LIB_DEPENDS ABI versions.
Original commitRevision:309979 
Thursday, 15 Nov 2012
23:33 mandree search for other commits by this committer
Add CONFLICTS.

Suggested by:	ketas's ports conflicts checker
Feature safe:	yes
Original commitRevision:307470 
Saturday, 13 Oct 2012
13:39 dinoex search for other commits by this committer
- cleanup comments
Feature safe: yes
Original commitRevision:305832 
Friday, 1 Jun 2012
05:26 dinoex search for other commits by this committer
- update png to 1.5.10
Original commit
Monday, 12 Dec 2011
19:57 mandree search for other commits by this committer
Update PuTTY to new upstream security and bug fix release 0.62,
and add a new VuXML entry.

Changelog:     
http://lists.tartarus.org/pipermail/putty-announce/2011/000017.html
Security:       bbd5f486-24f1-11e1-95bc-080027ef73ec
Feature safe:   yes
Original commit
Sunday, 11 Dec 2011
03:18 mandree search for other commits by this committer
Revise OPTIONS wording.

Feature safe: yes
Original commit
Wednesday, 30 Nov 2011
04:03 cy search for other commits by this committer
Fix build with GSSAPI under 9.0.

Approved by:    tabthorp (portmgr)
Feature safe:   yes
Original commit
Sunday, 17 Jul 2011
14:18 mandree search for other commits by this committer
- Take over maintainership from beat@ along his suggestion,
  permit him to take it back or commit without my approval.
- Update to upstream version 0.61.
- Add OPTIONS for GSSAPI and GTK (both enabled by default).

  NOTE: GSSAPI is currently broken on 9-CURRENT because the
  Kerberos in base expects MD2 which isn't provided by OpenSSL.

- mark BROKEN on OSVERSION >= 900000 when GSSAPI is enabled
- heed CFLAGS, CC, WITH_DEBUG, INSTALL_* settings.
- WITHOUT_X11 is now an alias for WITHOUT_GTK
- drop utmp support, the upstream requires a utmpx implementation that
  FreeBSD does not provide in any version.
- Preliminary clang support (adds files/patch-timing.c)
- Refreshed patches.
Original commit
Wednesday, 28 Jan 2009
23:25 beat search for other commits by this committer
Update my email address to @FreeBSD.org.

Approved by:    miwi (mentor)
Original commit
Sunday, 4 Jan 2009
16:19 miwi search for other commits by this committer
- Pass maintainership to submitter

Submitted by:   "Beat Gätzi" <beat@chruetertee.ch>
Original commit
Friday, 6 Jun 2008
14:01 edwin search for other commits by this committer
Bump portrevision due to upgrade of devel/gettext.

The affected ports are the ones with gettext as a run-dependency
according to ports/INDEX-7 (5007 of them) and the ones with USE_GETTEXT
in Makefile (29 of them).

PR:             ports/124340
Submitted by:   edwin@
Approved by:    portmgr (pav)
Original commit
Tuesday, 22 Jan 2008
15:58 garga search for other commits by this committer
Drop maintainership
Original commit
Wednesday, 13 Jun 2007
12:03 garga search for other commits by this committer
- Add one more MASTER_SITE
Original commit
Friday, 25 May 2007
12:34 garga search for other commits by this committer
- Update to 0.60

PR:             ports/112377
Submitted by:   Dima Panov <fluffy@ael.ru>
Original commit
Saturday, 19 May 2007
20:32 flz search for other commits by this committer
- Welcome X.org 7.2 \o/.
- Set X11BASE to ${LOCALBASE} for recent ${OSVERSION}.
- Bump PORTREVISION for ports intalling files in ${X11BASE}.
Original commit
Thursday, 15 Mar 2007
17:59 garga search for other commits by this committer
Install puttygen even if you set WITHOUT_GTK since it doesn't require gtk.

PR:             ports/110335
Submitted by:   Kenneth Vestergaard Schmidt<kvs@pil.dk>
Original commit
Sunday, 11 Feb 2007
17:10 garga search for other commits by this committer
Update to 0.59
Original commit
Saturday, 3 Feb 2007
13:18 garga search for other commits by this committer
- Remove 4.x support on my ports
Original commit
Saturday, 13 May 2006
04:15 edwin search for other commits by this committer
Remove USE_REINPLACE from all categories starting with S
Original commit
Tuesday, 7 Mar 2006
08:28 ade search for other commits by this committer
Bump PORTREVISION on glib12/gtk12 consumer ports to ease the upgrade path.

Discussed with: kris
Approved by:    portmgr (implicit)
Original commit
Monday, 11 Jul 2005
16:47 garga search for other commits by this committer
Change MAINTAINER to my @FreeBSD.org account

Approved by:    flz (mentor)
Original commit
Saturday, 30 Apr 2005
15:17 leeym search for other commits by this committer
- Update to 0.58
- Assign maintainership

PR:             80460
Submitted by:   Renato Botelho <freebsd@galle.com.br>
Original commit
Sunday, 20 Feb 2005
21:09 simon search for other commits by this committer
Security update to 0.57.

Security:      
http://vuxml.FreeBSD.org/a413ed94-836e-11d9-a9e7-0001020eed82.html
Approved by:    erwin (mentor)
Original commit
Thursday, 28 Oct 2004
10:17 dinoex search for other commits by this committer
- Security Update to 0.56
Original commit
Thursday, 14 Oct 2004
05:23 dinoex search for other commits by this committer
- drop maintainership
Original commit
Wednesday, 4 Aug 2004
08:03 dinoex search for other commits by this committer
- Security update to 0.55
Original commit
Sunday, 15 Feb 2004
19:29 dinoex search for other commits by this committer
- improve supoort of gtk
Submitted by:   fjoe
Original commit
07:52 dinoex search for other commits by this committer
- Enable IPV6 Support per default
- new Option WITHOUT_IPV6
Submitted by:   ume
Original commit
Friday, 13 Feb 2004
17:45 dinoex search for other commits by this committer
PuTTY is a client program for the SSH, Telnet and Rlogin network protocols.

These protocols are all used to run a remote session on a computer,
over a network. PuTTY implements the client end of that session:
the end at which the session is displayed, rather than the end
at which it runs.

WWW: http://www.chiark.greenend.org.uk/~sgtatham/putty/
Original commit

Number of commits found: 87