PuTTY 0.68 发布,增强安全性
PuTTY 是一套免费的 SSH / Telnet 程序,它可以连接上支持 SSH Telnet 协议的站点,并且可自动取得对方的系统指纹码 (Fingerprint).建立联机以后,所有的通讯内容都是以加密的方式传输,因此你再也不用害怕使用 Telnet 在 Internet 或公司的内部网络传输资料时被他人获知内容了.These features arenew in 0.68(released 2017-02-21):
[*]Security fix: an integer overflow bug in the agent forwarding code.See vuln-agent-fwd-overflow.
[*]Security fix: the Windows PuTTY binaries should no longer bevulnerable to hijacking by specially named DLLs in the same directory(on versions of Windows where they previously were).See vuln-indirect-dll-hijack.
[*]Windows PuTTY no longer sets a restrictive process ACL by default,because this turned out to inconvenience too many legitimateapplications such as NVDA and TortoiseGit. You can still manuallyrequest a restricted ACL using the command-line option-restrict-acl.
[*]The Windows PuTTY tools now come in a 64-bit version.
[*]The Windows PuTTY tools now have Windows's ASLR and DEP securityfeatures turned on.
[*]Support for elliptic-curve cryptography (the NIST curves and25519), for host keys, user authentication keys, and key exchange.
[*]Support for importing and exporting OpenSSH's new private key format.
[*]Host key preference policy change: PuTTY prefers host key formatsfor which it already knows the key.
[*]Run-time option (from the system menu / Ctrl-right-click menu) toretrieve other host keys from the same server (which cross-certifiesthem using the session key established using an already-known key) andadd them to the known host-keys database.
[*]The Unix GUI PuTTY tools can now be built against GTK 3.
[*]There is now a Unix version of Pageant.
MSI (‘Windows Installer’)32-bit:putty-0.68-installer.msi(or by FTP)(signature)64-bit:putty-64bit-0.68-installer.msi(or by FTP)(signature)Unix source archive.tar.gz:putty-0.68.tar.gz(or by FTP)(signature)
页:
[1]