+++ This bug was initially created as a clone of Bug #26875 +++ PuTTY 0.74 has been released on June 27: https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html As usual, it contains a security fix. Filezilla will also have to be fixed, but it doesn't look like they have done so upstream yet: https://svn.filezilla-project.org/filezilla/FileZilla3/trunk/src/putty/ This is CVE-2020-14002. Fedora has issued an advisory for this on July 9: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/26TACCSQYYCPWAJYNAUIXJGZ5RGORJZV/ Fedora has issued advisories for filezilla and libfilezilla on July 4: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IRKUHQP6O6TGN64SI7PYCKHJT24Y2EY2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IRAC73KPNR4HKTRKJNLIZXCYIP6STUZN/ They updated to filezilla 3.48.1 and libfilezilla 0.22.0. Apparently they don't fix this issue, however.
On March 10, Nicolas built: libfilezilla-0.27.0-1.mga7.src.rpm filezilla-3.52.2-1.mga7.src.rpm I don't think it fixed this, though. It looks like FileZilla 3.54 was the first to update to PuTTY 0.74: https://svn.filezilla-project.org/filezilla?view=revision&revision=10235 https://filezilla-project.org/
CC: (none) => mageia
Depends on: (none) => 29186
https://blog.mageia.org/en/2021/06/08/mageia-7-will-reach-end-of-support-on-30th-of-june-the-king-is-dead-long-live-the-king/
Status: NEW => RESOLVEDResolution: (none) => OLD