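PuTTY 0.76, the well-known SSH/Telnet program, has been released, bringing security fixes and certificate and protocol upgrades. PuTTY is a free and open-source program that combines a virtual terminal, a system console and network file transfer. It supports several network protocols, including SCP, SSH, Telnet, rlogin and raw socket connections, and it can also connect to serial ports. The name “PuTTY” has no particular meaning.
PuTTY is a free SSH/Telnet program. It can connect to sites that support the SSH and Telnet protocols and can automatically obtain the remote system's fingerprint. Once an SSH connection is established, all communication is transmitted in encrypted form, so you no longer have to worry about others reading your data as you would when using plain Telnet over the Internet or a company's internal network.
The new version is a security update that fixes vulnerabilities in the obsolete SSH-1 protocol and also includes various bug fixes since 0.71. Many of the security issues were found through the recent EU-funded bug bounty on HackerOne (a well-known bug bounty platform). According to the release announcement, the bounty programme ended in July after running for about half a year. To report bugs after that, contact the PuTTY team by e-mail; see the feedback page for details.
The main fixes are as follows: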
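- Security fix: if an SSH server accepted an offered public key and then rejected the signature, PuTTY could access freed memory, if the key had come from an SSH agent.
- Security feature: a new config option disables PuTTY's dynamic host key preference policy, if you want to avoid revealing to eavesdroppers which hosts you have stored keys for.
- Bug fix: the installer UI was illegible in Windows high-contrast mode.
- Bug fix: console password input failed on Windows 7.
- Bug fixes in the terminal: one instance of the dreaded “line==NULL” error box, and two other assertion failures.
- Bug fix: potential memory-consuming loop in bug-compatible padding of an RSA signature from an agent.
- Bug fix: PSFTP's buffer handling worked badly with some servers (particularly proftpd's mod_sftp).
- Bug fix: the cursor could be wrongly positioned when restoring from the alternate terminal screen. (A bug of this type was fixed in 0.59; this case was not covered by that fix.)
- Bug fix: character cell height could be a pixel too small when running GTK PuTTY on Ubuntu 20.04 (or any other system with a similarly recent version of Pango).
- Bug fix: old-style (low resolution) scroll wheel events did not work in GTK 3 PuTTY. This could stop the scroll wheel working at all in VNC.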
These features are new in 0.76 (released 2021-07-17):
- New option to abandon an SSH connection if the server allows you to authenticate in a trivial manner.
- Bug fix: Windows PuTTY crashed when the ‘Use system colours’ option was used.
- Bug fix: crash on Windows when using MIT Kerberos together with ‘Restart Session’.
- Bug fix: Windows PuTTY leaked named pipes after contacting Pageant.
- Bug fix: Windows PuTTY didn’t update the window while you held down the scrollbar arrow buttons long enough to ‘key-repeat’.
- Bug fix: user colour-palette reconfiguration via ‘Change Settings’ were delayed-action.
- Bug fix: server colour-palette reconfigurations were sometimes lost.
- Bug fix: a tight loop could occur on reading a truncated private key file.
- Bug fix: the Windows Pageant GUI key list didn’t display key lengths.
These features were new in 0.75 (released 2021-05-08):
- Security fix: on Windows, a server could DoS the whole Windows GUI by telling the PuTTY window to change its title repeatedly at high speed.
- Pageant now supports loading a key still encrypted, and decrypting it later by prompting for the passphrase on first use.
- Upgraded default SSH key fingerprint format to OpenSSH-style SHA-256.
- Upgraded private key file format to PPK3, with improved passphrase hashing and no use of SHA-1.
- Terminal now supports ESC [ 9 m for strikethrough text.
- New protocols: bare ssh-connection layer for use over already-secure IPC channels, and SUPDUP for talking to very old systems such as PDP-10s.
- PuTTYgen now supports alternative provable-prime generation algorithm for RSA and DSA.
- The Unix tools can now connect directly to a Unix-domain socket.
These features were new in 0.74 (released 2020-06-27):
- Security fix: if an SSH server accepted an offer of a public key and then rejected the signature, PuTTY could access freed memory, if the key had come from an SSH agent.
- Security feature: new config option to disable PuTTY’s dynamic host key preference policy, if you prefer to avoid giving away to eavesdroppers which hosts you have stored keys for.
- Bug fix: the installer UI was illegible in Windows high-contrast mode.
- Bug fix: console password input failed on Windows 7.
- Bug fixes in the terminal: one instance of the dreaded “line==NULL” error box, and two other assertion failures.
- Bug fix: potential memory-consuming loop in bug-compatible padding of an RSA signature from an agent.
- Bug fix: PSFTP’s buffer handling worked badly with some servers (particularly proftpd’s mod_sftp).
- Bug fix: cursor could be wrongly positioned when restoring from the alternate terminal screen. (A bug of this type was fixed in 0.59; this is a case that that fix missed.)
- Bug fix: character cell height could be a pixel too small when running GTK PuTTY on Ubuntu 20.04 (or any other system with a similarly up-to-date version of Pango).
- Bug fix: old-style (low resolution) scroll wheel events did not work in GTK 3 PuTTY. This could stop the scroll wheel working at all in VNC.
Official website:
https://www.chiark.greenend.org.uk/~sgtatham/putty/
Official change log:
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
Latest version download page:
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
Installer version:
x86: https://the.earth.li/~sgtatham/putty/latest/w32/putty-0.76-installer.msi
x64: https://the.earth.li/~sgtatham/putty/latest/w64/putty-64bit-0.76-installer.msi
ARM x64: https://the.earth.li/~sgtatham/putty/latest/wa64/putty-arm64-0.76-installer.msi
Standalone version (no installation required):
x86: https://the.earth.li/~sgtatham/putty/latest/w32/putty.exe
x64: https://the.earth.li/~sgtatham/putty/latest/w64/putty.exe
ARM x64: https://the.earth.li/~sgtatham/putty/latest/wa64/putty.exe