Subj : PuTTY 0.81 security release
To   : All
From : LWN.net
Date : Tue Apr 16 2024 16:45:06

PuTTY 0.81 security release

Date:
Tue, 16 Apr 2024 15:33:16 +0000

Description:
Version
0.81 of the PuTTY SSH client is out with a fix for CVE-2024-31497 ;
some users will want to update and generate new keys: PuTTY 0.81, released 
today, fixes a critical vulnerability
	 CVE-2024-31497 in the use of 521-bit ECDSA keys
	 (ecdsa-sha2-nistp521). If you have used a 521-bit ECDSA private
	 key with any previous version of PuTTY, consider the private key
	 compromised: remove the public key from authorized_keys files, and
	 generate a new key pair. However, this only affects that one 
algorithm and key size. No
	 other size of ECDSA key is affected, and no other key type is
	 affected.

======================================================================
Link to news story:
https://lwn.net/Articles/970045/


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)

.