UbuntuUpdates.org

Package "ppp"

Name: ppp

Description:

Point-to-Point Protocol (PPP) - daemon

Latest version: 2.4.7-1+2ubuntu1.16.04.3
Release: xenial (16.04)
Level: security
Repository: main
Homepage: http://ppp.samba.org/

Links


Download "ppp"


Other versions of "ppp" in Xenial

Repository Area Version
base main 2.4.7-1+2ubuntu1
updates main 2.4.7-1+2ubuntu1.16.04.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.4.7-1+2ubuntu1.16.04.3 2020-08-04 19:07:00 UTC

  ppp (2.4.7-1+2ubuntu1.16.04.3) xenial-security; urgency=medium

  * SECURITY UPDATE: arbitrary file disclosure vulnerability
    - debian/patches/load_ppp_generic_if_needed: removed, ppp has been
      built into Ubuntu kernels since at least 2012.
    - CVE-2020-15704
  * debian/patches/0016-pppoe-include-netinet-in.h-before-linux-in.h.patch:
    fix build on newer kernels.

 -- Marc Deslauriers <email address hidden> Thu, 23 Jul 2020 08:57:14 -0400

Source diff to previous version
CVE-2020-15704 RESERVED

Version: 2.4.7-1+2ubuntu1.16.04.2 2020-02-20 15:06:34 UTC

  ppp (2.4.7-1+2ubuntu1.16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: rhostname buffer overflow
    - debian/patches/CVE-2020-8597.patch: fix bounds check in EAP code in
      pppd/eap.c.
    - CVE-2020-8597

 -- Marc Deslauriers <email address hidden> Tue, 11 Feb 2020 10:05:53 -0500

Source diff to previous version
CVE-2020-8597 eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.

Version: 2.4.7-1+2ubuntu1.16.04.1 2018-11-06 17:06:50 UTC

  ppp (2.4.7-1+2ubuntu1.16.04.1) xenial-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in pppd EAP-TLS implementation
    - debian/patches/CVE-2018-11574.patch: check lengths in pppd/eap.c,
      pppd/eap-tls.c.
    - CVE-2018-11574

 -- Marc Deslauriers <email address hidden> Tue, 12 Jun 2018 13:28:33 -0400

CVE-2018-11574 Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure,



About   -   Send Feedback to @ubuntu_updates