ppp 2.4.6-3.1 source package in Debian
Changelog
ppp (2.4.6-3.1) unstable; urgency=high
* Non-maintainer upload.
* Urgency high due to fix for DoS vulnerability.
* Fix buffer overflow in rc_mksid().
The function converts the PID of pppd to hex to generate a pseudo-unique
string. If the process id is bigger than 65535 (FFFF), its hex
representation will be longer than 4 characters, resulting in a buffer
overflow. This bug can be exploited to cause a remote DoS.
(Closes: #782450)
-- Emanuele Rocca <email address hidden> Tue, 14 Apr 2015 08:18:06 +0200
Upload details
- Uploaded by:
- Marco d'Itri
- Uploaded to:
- Sid
- Original maintainer:
- Marco d'Itri
- Architectures:
- linux-any all
- Section:
- admin
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Jessie | release | main | admin |
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| ppp_2.4.6-3.1.dsc | 1.9 KiB | 885c3aeae3fc9ef8bb3217f2fd623bd86596850d6d145d4ed30b1eba12c10cc8 |
| ppp_2.4.6.orig.tar.gz | 671.6 KiB | 1b33181a03962c8a092c055fb9980e9722728a8d98a4bb7ec7acda17c1b1b49d |
| ppp_2.4.6-3.1.debian.tar.xz | 90.1 KiB | 695095daa7efddff5332139d92d1514ca7e1079cfba146bb9e3c70feda52cd2d |
No changes file available.
