Both in a new section about reporting vulnerabilities, and in the
section about large attachment...

I think the deterministic DSA system we've been using for ages can now
be considered proven in u...

Previously, due to confusion, it was placed either at the end of the
list or at the start, depen...

It was only prepared to position a new element relative to an existing
one if the latter was spe...

If you're connecting to a new server and it _only_ provides host key
types you've configured to ...

When Jacob introduced this message in d0d3c47a0, he was right to
assume that hostkey_algs[] and ...

It won't return true, because pterm's use of conf is a bit nonstandard
(it doesn't really bother...

I was confused by '-fn Monospace' not working (it needs a font size).

Also, fix a mangled sentence.

Since we got a dynamic preference order, it's been bailing out at a
random point, and listing ke...

And tweak some of the words a bit.

I noticed this in passing while tinkering with the hostkey_algs array:
these arrays are full of ...

Now we actually have enough of them to worry about, and especially
since some of the types we su...

It's too esoteric to be the first thing on the Auth panel; I've never
heard of any SSH server th...

Intended as a hint that users may want to use the "Cache new host key type"
special command.

(A bit.)

It's not the recommended makefile any more, but it's not too hard
to keep it working for the mom...

The current state of the OS X GTK port is looking more or less
plausible - it's not finished, of...

This is an absolutely horrible piece of code, relying not only on font
metrics but also on an ob...

Jacob pointed out that a free-text field for entering a key size in
bits is all very well for ke...

The About box is where it showed up most obviously that I'd hastily
bunged a GtkBox inside anoth...

The big problem with making an OS X application out of a GTK program
is that it won't start unle...

This lists all the things I currently know to be wrong with the OS X
work. There are quite a few...

This is a file that generally seems to turn up when you start using OS
X Finder to interact with...

This commit adds two .plist files, which go in the app bundles; two
.bundle files, which are inp...

When it's finished, this will be the backbone of the OS X GTK port:
using a GtkApplication autom...

This is a weird thing to have to do, but it is necessary: the OS X
PuTTY will need its top-level...

This is to [X] what [UT] is to [U]: that is, it's a program linked
against the GTK libraries, bu...

Instead of main() living in uxputty.c and uxpterm.c, and doing a
little bit of setup before call...

mkicon.py now outputs .pam by hand, rather than using ImageMagick to
go straight to .png. For mo...

This lays further groundwork for the OS X GTK3 port, which is going to
have to deal with multipl...

Only ECDSA so far, because ed25519 requires real maths to deal with the
compressed point format.

If you've just certified a key, you want it to vanish from the menu
immediately, of course.

I got momentarily confused between whether the special code
(TS_LOCALSTART+i) meant the ith entr...

If a server offers host key algorithms that we don't have a stored key
for, they will now appear...

Now I can invent codes that vary per session.

The last list we returned is now stored in the main Ssh structure
rather than being a static arr...

When we're displaying bidirectionally active text (that is, text that
the Unicode bidi algorithm...

When I cut it in half so I could fetch the XCharStruct for a given
character, I forgot that the ...

If you run something like 'seq 2000000000' in a GTK3 pterm, the window
never actually updates, b...

This is quite a pain, since it involves inventing an entire new piece
of infrastructure to insta...

I had completely forgotten, when rendering each glyph to a server-side
pixmap and downloading it...

It would be nicer if we could also make this show up as the icon for
the .msi file itself when v...

Terminal prompting takes precedence over GUI prompting, so explicitly
state that in the docs.

(This was added in 4204a53.)

Patch due to Colin Watson.

Putting the passphrase in a file avoids exposing it to 'ps' which ca...

Mostly this is a reaction to the reports of Inno Setup having a DLL
hijacking vulnerability. But...

Now the dust from 0.67 has settled, I can do this without getting my
git branches hopelessly con...

(cherry picked from commit cfbe604d068ea8761eeb5da0138e4bef50dd077f)

There was a rogue sscanf("%s") with no field width limit, targeting a
stack-based buffer, and sc...

A user reported in January that locking down our process ACL causes
get_user_sid's call to OpenP...

This is a 'merge -s ours', making no change to master but just
recording an ancestry relationshi...

That option does exist, but only on master; it was not in the 0.66
release. It turned up by mist...

The reporter of vuln-pscp-sink-sscanf asked for a key to encrypt the
vulnerability report with, ...

ssh_pkt_getstring can return (NULL,0) if the input packet is too short
to contain a valid string...

Arrgh, _another_ one I only remember seconds too late!

(cherry picked from commit 51465fac73742...

GCC 6 emits strict-aliasing warnings here, so use the existing
sockaddr_union arrangements to av...

GCC 6 warns about potentially misleading indentation, such as:

if (condition) stmt1; stmt2;...

Not that anyone actually needs to use that conditioned-out main(),
since it only generates the t...

Thanks to @ch3root again for this patch.

(cherry picked from commit 70f641f84527fcb5a2ccbff7c8e...

We had inadvertently raised the minimum supported Windows version in
the course of restricting P...

I've made the licence text, the About box, and the host key dialog
into GTK selectable edit cont...

Now all the uses of the licence text or the short copyright notice get
it from a new header "lic...

Now we have licence.pl, it seems to me to make very good sense to have
it generate the Halibut f...

This makes the About and Licence boxes copy-and-pasteable, similarly
to what I've just done on U...

(cherry picked from commit 0f5299e5a86e87068277b19c008ff5eb0f78d022)

(cherry picked from commit 8b65fef55c688d8a52bd56f426e345671fab0303)

Or, at least, potentially do so. The build script now has a slot into
which code-signing can be ...

logevent() doesn't do printf-style formatting (though the logeventf
wrapper in ssh.c does), so i...

We set up a pair of bufchains for the standard input and output
exchanged with the proxy process...

By default Windows processes have wide open ACLs which allow interference
by other processes run...

(cherry picked from commit 21a37d287cced473c12d23581fc1a200552ad1e0)

Often it means you tried to connect to port 0.

(cherry picked from commit c4f963ebd71dd07b3c6dc...

make_private_security_descriptor and a new function protectprocess().

protectprocess() opens the...

Half the release checklist has changed recently, what with me
completely reworking the website a...

I've added extra modes to release.pl which should automate the more
tedious parts of the deploym...

(cherry picked from commit 470337d0f2591534221390f50a69f8c9f6fe0558)

The length coming back from ber_read_id_len might have overflowed, so
treat it as potentially ne...

Forgot that a zero-length string might have come back from fgets.

Thanks to Hanno Böck for spot...

The initial test for a line ending with "PRIVATE KEY-----" failed to
take into account the possi...