Updated putty packages fix CVE-2016-2563Publication date: 16 Mar 2016
Affected Mageia releases : 5
Updated putty package fixes security vulnerability: Many versions of PSCP in PuTTY prior to 0.67 have a stack corruption vulnerability in their treatment of the 'sink' direction (i.e. downloading from server to client) of the old-style SCP protocol. In order for this vulnerability to be exploited, the user must connect to a malicious server and attempt to download any file (CVE-2016-2563). The putty package has been updated to version 0.67 to fix this issue and a few other bugs. The halibut package has been updated to version 1.1 to build the documentation.