v0.8 [Dec 18, 2023]
fixes a critical vulnerability CVE-2024-31497 in the use of 521-bit ECDSA keys (ecdsa-sha2-nistp521). If you have used a 521-bit ECDSA private key with any previous version of PuTTY, consider the private key compromised: remove the public key from authorized_keys files, and generate a new key pair.
However, this only affects that one algorithm and key size. No other size of ECDSA key is affected, and no other key type is affected.
v0.7 [Jun 13, 2014]
- Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory, even a name we missed when we thought we'd fixed this in 0.69.
- Windows PuTTY should be able to print again, after our DLL hijacking defences broke that functionality.
- Windows PuTTY should be able to accept keyboard input outside the current code page, after our DLL hijacking defences broke that too.
