Multiple vulnerabilities have been found in Putty, allowing attackers to compromise user system
Package | net-misc/putty on all architectures |
---|---|
Affected versions | < 0.63 |
Unaffected versions | >= 0.63 |
PuTTY is a telnet and SSH client.
Multiple vulnerabilities have been discovered in PuTTY. Please review the CVE identifiers referenced below for details.
An attacker could entice a user to open connection to specially crafted SSH server, possibly resulting in execution of arbitrary code with the privileges of the process or obtain sensitive information.
There is no known workaround at this time.
All PuTTY users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/putty-0.63"