Security update to new upstream release 0.72.

Security fixes found by the EU-funded bug bounty:

• two separate vulnerabilities affecting the obsolete SSH-1 protocol, both available before host key checking
• a vulnerability in all the SSH client tools (PuTTY, Plink, PSFTP and PSCP) if a malicious program can impersonate Pageant

Changelog: https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html

Switch off -DSTATIC_GSSAPI build as that produces non-working executables
(assertion failures). Bug has been reported upstream.

MFH: 2019Q3
Security: 5914705c-ab03-11e9-a4f9-080027ac955c