UbuntuUpdates.org

Package "ppp"

Name: ppp

Description:

Point-to-Point Protocol (PPP) - daemon

Latest version: 2.4.7-1+2ubuntu1.16.04.2
Release: xenial (16.04)
Level: updates
Repository: main
Homepage: http://ppp.samba.org/

Links

Save this URL for the latest version of "ppp": https://www.ubuntuupdates.org/ppp


Download "ppp"


Other versions of "ppp" in Xenial

Repository Area Version
base main 2.4.7-1+2ubuntu1
security main 2.4.7-1+2ubuntu1.16.04.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.4.7-1+2ubuntu1.16.04.2 2020-02-20 15:06:35 UTC

  ppp (2.4.7-1+2ubuntu1.16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: rhostname buffer overflow
    - debian/patches/CVE-2020-8597.patch: fix bounds check in EAP code in
      pppd/eap.c.
    - CVE-2020-8597

 -- Marc Deslauriers <email address hidden> Tue, 11 Feb 2020 10:05:53 -0500

Source diff to previous version
CVE-2020-8597 eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.

Version: 2.4.7-1+2ubuntu1.16.04.1 2018-11-06 19:06:51 UTC

  ppp (2.4.7-1+2ubuntu1.16.04.1) xenial-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in pppd EAP-TLS implementation
    - debian/patches/CVE-2018-11574.patch: check lengths in pppd/eap.c,
      pppd/eap-tls.c.
    - CVE-2018-11574

 -- Marc Deslauriers <email address hidden> Tue, 12 Jun 2018 13:28:33 -0400

CVE-2018-11574 Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure,



About   -   Send Feedback to @ubuntu_updates