PuTTY

mr.strauss

Registered
Messages
8,414
Putty 0.65

2015-07-25 PuTTY 0.65 released, containing bug fixes

PuTTY 0.65, released today, fixes the Vista bug where the configuration dialog became invisible, and a few other bugs, large and small.


Download
 

mr.strauss

Registered
Messages
8,414
Putty 0.66 (beta)

These features are new in beta 0.66 (released 2015-11-07):

  • Security fix: an escape sequence which used to make PuTTY's terminal code read and potentially write the wrong memory is fixed. See vuln-ech-overflow.
  • Bug fix: better Unicode handling in Windows PuTTY keyboard messages, so it should now work better with WinCompose.
  • Bug fix: jump lists on Windows 10 should now work.
  • There's now a set of command-line options to enable session logging.
  • &P in the log file name now substitutes in the port number from the configuration.

Download
 

mr.strauss

Registered
Messages
8,414
Putty 0.67 (beta)

These features are new in beta 0.67 (released 2016-03-05):

Security fix: a buffer overrun in the old-style SCP protocol when receiving the header of each file downloaded from the server is fixed. See vuln-pscp-sink-sscanf.
Windows PuTTY now sets its process ACL more restrictively, in an attempt to defend against malicious other processes reading sensitive data out of its memory.
Assorted other robustness fixes for crashes and memory leaks.
We have started using Authenticode to sign our Windows executables and installer.

Download
 

mr.strauss

Registered
Messages
8,414
Update: Putty 0.69
released on 2017-04-29

These features are new in 0.69 (released 2017-04-29):

#Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory, even the names we missed when we thought we'd fixed this in 0.68. See vuln-indirect-dll-hijack-2.

#Windows PuTTY should work with MIT Kerberos again, after our DLL hijacking defences broke it.

#Jump lists should now appear again on the PuTTY shortcut in the Windows Start Menu.

#You can now explicitly configure SSH terminal mode settings not to be sent to the server, if your server objects to them.

Download
 

WaRp

(∩`-´)⊃━☆゚.*・。゚
Staff member
Administrator
Messages
29,619
Update: Putty 0.70
released on 2017-07-08

New in 0.70:

Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory, even a name we missed when we thought we'd fixed this in 0.69. See vuln-indirect-dll-hijack-3.
Windows PuTTY should be able to print again, after our DLL hijacking defences broke that functionality.
Windows PuTTY should be able to accept keyboard input outside the current code page, after our DLL hijacking defences broke that too.

MSI (‘Windows Installer’)
32-bit: putty-0.70-installer.msi
64-bit: putty-64bit-0.70-installer.msi

Unix source archive
tar.gz: putty-0.70.tar.gz
 

WaRp

(∩`-´)⊃━☆゚.*・。゚
Staff member
Administrator
Messages
29,619
Putty 0.73

-Security fix: on Windows, other applications were able to bind to the same TCP port as a PuTTY local port forwarding.
-Security fix: in bracketed paste mode, the terminal escape sequences that should delimit the pasted data were appearing together on one side of it, making it possible to misidentify pasted data as manual keyboard input.
-Bug fix (possibly security-related): an SSH-1 server sending a disconnection message could cause an access to freed memory.
-Bug fix: Windows Plink would crash on startup if it was acting as a connection-sharing downstream.
-Bug fix: Windows PuTTY now updates its terminal window size correctly if the screen resolution changes while it's maximised.
-Bug fix: tweaked terminal handling to prevent lost characters at the ends of lines in gcc's coloured error messages.
-Bug fix: removed a bad interaction between the 'clear scrollback' operation and mouse selection that could give rise to the dreaded "line==NULL" assertion box.

MSI (‘Windows Installer’)

32 bit

64 bit

Unix source archive

.tar.gz:
 

WaRp

(∩`-´)⊃━☆゚.*・。゚
Staff member
Administrator
Messages
29,619
Putty 0.74

-Security fix: if an SSH server accepted an offer of a public key and then rejected the signature, PuTTY could access freed memory, if the key had come from an SSH agent.
-Security feature: new config option to disable PuTTY's dynamic host key preference policy, if you prefer to avoid giving away to eavesdroppers which hosts you have stored keys for.
-Bug fix: the installer UI was illegible in Windows high-contrast mode.
-Bug fix: console password input failed on Windows 7.
-Bug fixes in the terminal: one instance of the dreaded "line==NULL" error box, and two other assertion failures.
-Bug fix: potential memory-consuming loop in bug-compatible padding of an RSA signature from an agent.
-Bug fix: PSFTP's buffer handling worked badly with some servers (particularly proftpd's mod_sftp).
-Bug fix: cursor could be wrongly positioned when restoring from the alternate terminal screen. (A bug of this type was fixed in 0.59; this is a case that that fix missed.)
-Bug fix: character cell height could be a pixel too small when running GTK PuTTY on Ubuntu 20.04 (or any other system with a similarly up-to-date version of Pango).
-Bug fix: old-style (low resolution) scroll wheel events did not work in GTK 3 PuTTY. This could stop the scroll wheel working at all in VNC.

MSI (‘Windows Installer’)

putty-0.74-installer.msi
putty-64bit-0.74-installer.msi

Unix source archive

putty-0.74.tar.gz
 

WaRp

(∩`-´)⊃━☆゚.*・。゚
Staff member
Administrator
Messages
29,619
Putty 0.77

  • Major improvements to network proxy support:
    • Support for interactively prompting the user if the proxy server requires authentication.
    • Built-in support for proxying via another SSH server, so that PuTTY will SSH to the proxy and then automatically forward a port through it to the destination host. (Similar to running plink -nc as a subprocess, but more convenient to set up, and allows you to answer interactive prompts presented by the proxy.)
    • Support for HTTP Digest authentication, when talking to HTTP proxies.
  • Introduced pterm.exe, a PuTTY-like wrapper program for Windows command prompts (or anything else running in a Windows console). Not yet included in the installer, but available as a .exe file from the Download page.
  • Updated Unicode and bidi support to Unicode 14.0.0.
  • New command-line option -pwfile, like -pw except that it reads the password from a file so that it doesn't show up on the command line.
  • Windows Pageant: option --openssh-config to allow easy interoperation with Windows's ssh.exe.
  • -pw (and -pwfile) now do not fall back to interactively prompting for a password if the provided password fails. (That was the original intention.)
  • New configuration options for keyboard handling:
    • Option to control handling of Shift + arrow keys
    • Extra mode in the function-keys option, for modern xterm (v216 and above).
  • Bug workaround flag to wait for the server's SSH greeting before sending our own, for servers (or proxies) that lose outgoing data before seeing any incoming data.
  • Crypto update: added side-channel resistance in probabilistic RSA key generation.
  • Crypto update: retired the use of short Diffie-Hellman exponents (just in case).
  • Bug fix: reconfiguring remote port forwardings more than once no longer crashes.
  • Bug fix: terminal output processing is now paused while handling a remote-controlled terminal resize, so that the subsequent screen redraw is interpreted relative to the new terminal size instead of the old.
  • Bug fix: Windows PuTTYgen's mouse-based entropy collection now handles high-frequency mice without getting confused.
  • Bug fix: Windows Pageant can now handle large numbers of concurrent connections without hanging or crashing.
  • Bug fix: if Windows Pageant is started multiple times simultaneously, the instances should reliably agree on one of them to be the persistent server.
  • Bug fix: remote-controlled changes of window title are now interpreted according to the configured character set.
  • Bug fix: remote-controlled changes of window title no longer get confused by UTF-8 characters whose encoding includes the byte 0x9C (which terminates the control sequence in non-UTF-8 contexts).
  • Bug fix: popping up the window context menu in the middle of a drag-select now no longer leaves the drag in a stuck state.
  • Bug fix: extensive use of true colour in the terminal no longer slows down window redraws unnecessarily.
  • Bug fix: when PSCP reports the server sending a disallowed compound pathname, it correctly reports the replacement name it's using for the downloaded file.
  • Bug fix: enabling X11 forwarding in psusan failed to fall back through possible port numbers for the forwarded X display.
  • For developers: migrated the build system to CMake, removing the old idiosyncratic mkfiles.pl and the autotools system.
 

WaRp

(∩`-´)⊃━☆゚.*・。゚
Staff member
Administrator
Messages
29,619
Putty 0.78

  • Support for OpenSSH certificates, for both user authentication keys and host keys.
  • New SSH proxy modes, for running a custom shell command or subsystem on the proxy server instead of forwarding a port through it.
  • New plugin system to allow a helper program to provide responses in keyboard-interactive authentication, intended to automate one-time password systems.
  • Support for NTRU Prime post-quantum key exchange,
  • Support for AES-GCM (in the OpenSSH style rather than RFC 5647).
  • Support for more forms of Diffie-Hellman key exchange: new larger integer groups (such as group16 and group18), and support for using those and ECDH with GSSAPI.
  • Bug fix: the 32-bit Windows build now runs on Windows XP again.
  • Bug fix: server-controlled window title setting now works again even if the character set is ISO 8859 (or a few other affected single-byte character sets).
  • Bug fix: certain forms of OSC escape sequences (sent by some real servers) could cause PuTTY to crash.
  • Bug fix: the -pwfile/-pw options no longer affect local key passphrase prompts, and no longer suppress Plink's anti-spoofing measures.
  • Note: installing the 0.78 or later Windows installer will not automatically uninstall 0.77 or earlier, due to a change we've made to work around a bug. We recommend uninstalling the old version first, if possible. If both end up installed, uninstalling both and then re-installing the new version will fix things up.

MSI (‘Windows Installer’)
64-bit x86: putty-64bit-0.78-installer.msi
64-bit Arm: putty-arm64-0.78-installer.msi
32-bit x86: putty-0.78-installer.msi

Unix source archive
.tar.gz: putty-0.78.tar.gz
 

DR-10

Super VIP
Messages
3,688
Putty v0.79
These features are new in 0.79 (released 2023-08-26):
-Windows installer scope is back to the normal 'per machine' setting, reverting 0.78's security workaround.
-Terminal mouse tracking: support for mouse movements which are not drags.
-Terminal mouse tracking: support for horizontal scroll events (e.g. generated by trackpads).
-Backwards compatibility fix: certificate-based user authentication now works with OpenSSH 7.7 and earlier.
-Bug fix: in a session using the 'Raw' protocol, pressing ^D twice in the terminal window could cause an assertion failure.
-Bug fix: terminal output could hang if a resize control sequence was sent by the server (and was not disabled in the Features panel) but PuTTY's window was set to non-resizable in the Window panel.
-Bug fix: GTK PuTTY could fail an assertion if a resize control sequence was sent by the server while the window was docked to one half of the screen in KDE.
-Bug fix: GTK PuTTY could fail an assertion if you tried to change the font size while the window was maximised.
-Bug fix: the 'bell overload' timing settings were misinterpreted by Unix PuTTY and pterm 0.77/0.78; if any settings were saved using these versions, confusion can persist with newer versions.
-Bug fix: SSH authentication banners were not reliably printed if a server sent one immediately before closing the connection (e.g. intended as a user-visible explanation for the connection closure).
-Bug fix: the 'close' command in PSFTP always reported failure, so that ending a psftp -b batch script with it would cause PSFTP as a whole to believe it had failed, even if everything worked fine.
-Bug fix: certificate handling would do the wrong thing, for RSA keys only, if you specified a detached certificate to go with a PPK file that had a different certificate embedded.
-Bug fix: Windows Pageant's option to write out a configuration file fragment for Windows OpenSSH now works even if you have a space in your user name.
-Bug fix: in local-line-editing mode, pressing ^U now just clears the line, instead of clearing it and then inserting a literal ^U.
-Several bug fixes in edge cases of terminal wrapping, involving double-width characters.
-Note: this means that installing the 0.79 or later Windows installer will not automatically uninstall 0.78, if 0.78 was installed using its default 'per user' scope. In that situation we recommend uninstalling 0.78 first, if possible. If both end up installed, uninstalling both and then re-installing the new version will fix things up
DownLoad_PuTTY_Released_v0.79
 

DR-10

Super VIP
Messages
3,688
Putty v0.80
New update:18.12.2023
These features are new in 0.80 (Released 2023-12-18):
•Security fix: support for OpenSSH's new kex-strict protocol modification, addressing a vulnerability in some @openssh.com cipher and MAC modes, in particular ChaCha20+Poly1305.
•Bug fix: the MSI-installed version of putty.exe can now find its help file again.
•Bug fix: a server sending non-displaying terminal escape sequences such as ESC[0m now no longer resets the scrollback to the bottom of the window..
DownLoad_PuTTY_Release_v0.80
 
Last edited:
Top