File _patchinfo of Package patchinfo.3590

<patchinfo incident="3590">
  <issue id="920167" tracker="bnc">VUL-0: CVE-2015-2157: PuTTY fails to clear private key information from memory</issue>
  <issue id="CVE-2015-2157" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>jengelh</packager>
  <description>The SSH Terminal emulator putty was updated to the new upstream release 0.64, fixing security issues and bugs:

Security fix:
PuTTY no longer retains the private half of users' keys in memory by mistake after authenticating with them.
[bsc#920167] (CVE-2015-2157)

New feature:
Support for SSH connection sharing, so that multiple instances of
PuTTY to the same host can share a single SSH connection instead
of all having to log in independently.

Bug fix:
IPv6 literals are handled sensibly throughout the suite,
if you enclose them in square brackets to prevent the colons
being mistaken for a :port suffix.
</description>
  <summary>Security update for putty</summary>
</patchinfo>