ppp 2.4.6-3.1 source package in Debian

Changelog

ppp (2.4.6-3.1) unstable; urgency=high


  * Non-maintainer upload.
  * Urgency high due to fix for DoS vulnerability.
  * Fix buffer overflow in rc_mksid().
    The function converts the PID of pppd to hex to generate a pseudo-unique
    string. If the process id is bigger than 65535 (FFFF), its hex
    representation will be longer than 4 characters, resulting in a buffer
    overflow. This bug can be exploited to cause a remote DoS.
    (Closes: #782450)

 -- Emanuele Rocca <email address hidden>  Tue, 14 Apr 2015 08:18:06 +0200

Upload details

Uploaded by:
Marco d'Itri
Uploaded to:
Sid
Original maintainer:
Marco d'Itri
Architectures:
linux-any all
Section:
admin
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section
Jessie release main admin

Builds

Downloads

File Size SHA-256 Checksum
ppp_2.4.6-3.1.dsc 1.9 KiB 885c3aeae3fc9ef8bb3217f2fd623bd86596850d6d145d4ed30b1eba12c10cc8
ppp_2.4.6.orig.tar.gz 671.6 KiB 1b33181a03962c8a092c055fb9980e9722728a8d98a4bb7ec7acda17c1b1b49d
ppp_2.4.6-3.1.debian.tar.xz 90.1 KiB 695095daa7efddff5332139d92d1514ca7e1079cfba146bb9e3c70feda52cd2d

No changes file available.

Binary packages built by this source