-
ppp (2.4.6-3.1) unstable; urgency=high
* Non-maintainer upload.
* Urgency high due to fix for DoS vulnerability.
* Fix buffer overflow in rc_mksid().
The function converts the PID of pppd to hex to generate a pseudo-unique
string. If the process id is bigger than 65535 (FFFF), its hex
representation will be longer than 4 characters, resulting in a buffer
overflow. This bug can be exploited to cause a remote DoS.
(Closes: #782450)
-- Emanuele Rocca <email address hidden> Tue, 14 Apr 2015 08:18:06 +0200
-
ppp (2.4.6-3) unstable; urgency=high
* Urgency high due to fix for CVE-2014-3158.
* Cherry-pick patches from 2.4.7 upstream release. These are 9 of 11 patches
in the 2.4.7 upstream release of PPP, including the fix for CVE-2014-3158.
The two patches left out were not imported in order to preserve ABI
stability. (Closes: #762789)
- ppp-2.4.7-001-pppd-Separate-IPv6-handling-for-sifup-sifdown.patch
- ppp-2.4.7-002-pppol2tp-Connect-up-down-events-to-notifiers-and-add.patch
- ppp-2.4.7-003-pppd-Add-declarations-to-eliminate-compile-warnings.patch
- ppp-2.4.7-004-pppd-Eliminate-some-unnecessary-ifdefs.patch
- ppp-2.4.7-005-radius-Fix-realms-config-file-option.patch
- ppp-2.4.7-006-pppd-Eliminate-potential-integer-overflow-in-option-.patch
- ppp-2.4.7-007-pppd-Eliminate-memory-leak-with-multiple-instances-o.patch
- ppp-2.4.7-008-pppd-Fix-a-stack-variable-overflow-in-MSCHAP-v2.patch
- ppp-2.4.7-009-winbind-plugin-Add-DMPPE-1-to-eliminate-compiler-war.patch
* Refresh debian/patches/cifdefroute.dif
* Update Standards-Version to 3.9.6 (no changes required).
-- Chris Boot <email address hidden> Sun, 19 Oct 2014 10:47:59 +0100
-
ppp (2.4.6-2) unstable; urgency=medium
* d/rules: Fix ppp-udeb module path by using a shell expression for PPPDDIR.
* Update Breaks for network-manager to (<< 0.9.8.8-7~). (Closes: #744814)
* Update Breaks for network-manager-pptp and pppdcapiplugin.
* Update lintian overrides to account for changed plugin path.
-- Chris Boot <email address hidden> Thu, 17 Apr 2014 22:19:23 +0100
-
ppp (2.4.5+git20130610-4) unstable; urgency=medium
* Remove obsolete --update-rcd-params from dh_installinit. (Closes: #727162)
* Remove obsolete Build-Depends on quilt.
* Add systemd service file for ppp-dns: (Closes: #716864)
- Build-Depend on dh-systemd
- Use dh_installinit --name instead of --init-script
- Add dh_systemd_enable and dh_systemd_start to debian/rules
Thanks to Shawn Landden for providing a patch.
* Add LSB Description header to init script.
* Make init script source /lib/lsb/init-functions for systemd compatibility.
* Override a number of lintian tags:
- init.d-script-does-not-implement-optional-option etc/init.d/pppd-dns
status
- non-standard-dir-perm etc/chatscripts/ and etc/ppp/peers/
- package-contains-readme-for-other-platform-or-distro
usr/share/doc/ppp/README.win9x
- setuid-binary usr/sbin/pppd
- debian-watch-may-check-gpg-signature
See the lintian overrides files for reasoning.
* Add support for arbitrary interface naming: (Closes: #458646)
- Add debian/patches/ppp-2.4.2-ifname.diff based on openSUSE patch.
* Fix a potential buffer overflow in the radius plugin:
- Add debian/patches/ppp-2.4.4-strncatfix.patch from openSUSE.
* Update debian/copyright:
- Add myself to the list of maintainers
- Change reference to GPL symlink license to GPL-2
* Update Standards-Version to 3.9.5 (no changes required).
* Refresh debian/patches/cifdefroute.dif from OpenSUSE (Closes: #425163) and
add patch header.
-- Chris Boot <email address hidden> Mon, 27 Jan 2014 22:17:11 +0000
-
ppp (2.4.5+git20130610-3) unstable; urgency=medium
* Revisit debian/rules and Makefile patches due to build breakage exposed by
the addition of hardening build flags. (Closes: #734458)
- Update debian/rules to pass COPTS/LDOPTS instead of CFLAGS/LDFLAGS.
- Overhaul makefiles_cleanup patch. This now makes far fewer changes to the
upstream Makefiles than previously.
- Refresh no_crypt_hack, pppdump_use_zlib, pppoatm_resolver_light and
zzz_config patches due to significant Makefile changes.
Thanks to Marco d'Itri for the bulk of the Makefile work.
-- Chris Boot <email address hidden> Tue, 07 Jan 2014 17:54:08 +0000
-
ppp (2.4.5+git20130610-1) unstable; urgency=low
* New upstream git snapshot (8d69424). (Closes: #615666, #674207, #684164)
* Move extra/ directory into debian/ directory.
* Remove patches applied upstream:
- git-20100307 (e753795..cab5861)
- pppoatm_no_modprobe (52cd43a)
- use_system_logwtmp (fixed differently in 9617a7e)
- dont-exit-pado-timeout (fixed differently in 225361d)
- fix_warnings (fixed in 0b61182)
- man_syntax_errors (fixed in d16a398 and a7c3489)
- documentation_typos (fixed in 8dea1b9, 9e05a25 and b5b8898)
- fix_null_pppdb (3747616)
- radius_enanchements (fixed in 2f581cd)
- remove-old-version-of-Linux-if_pppol2tp-h.patch (c41092d)
* Refresh or edit patches to remove fuzz:
- 018_ip-up_option.diff
- cifdefroute.dif
- no_crypt_hack
- setenv_call_file
- zzz_config
* Remove patches that were disabled in 2.4.5-1:
- pppoatm_fix_mtu
- pppoe_fixinclude
* Add inactive patch to series file added in 2.4.5-1:
- ipv6-accept-remote
* Switch to dpkg-source 3.0 (quilt) format.
* Add Homepage field to debian/control.
* Add myself to Uploaders.
* Fix lintian warnings:
- xc-package-type-in-debian-control line 25
- binary-control-field-duplicates-source field "section" in package ppp
-- Chris Boot <email address hidden> Mon, 21 Oct 2013 22:49:34 +0100
-
ppp (2.4.5-5.2) unstable; urgency=low
* Non-maintainer upload.
* Replace patch update_if_pppol2tp with
remove-old-version-of-Linux-if_pppol2tp-h.patch to fix build failures with
kernels since wheezy. (Closes: #707538)
-- Chris Boot <email address hidden> Tue, 28 May 2013 15:56:31 +0100
-
ppp (2.4.5-5.1) unstable; urgency=low
* Non-maintainer upload.
* Set Architecture to linux-any. (Closes: #648345)
-- Robert Millan <email address hidden> Sun, 22 Apr 2012 16:25:45 +0200
