code.ossystems Code Review - openembedded-core.git/commit

]> code.ossystems Code Review - openembedded-core.git/commit

Code Review / openembedded-core.git / commit

author	Yi Zhao <yi.zhao@windriver.com>
	Fri, 21 Feb 2020 21:58:40 +0000 (23:58 +0200)
committer	Armin Kuster <akuster808@gmail.com>
	Sun, 8 Mar 2020 16:24:28 +0000 (09:24 -0700)
commit	4ea1d88702d422d4eff5c78698a123563bda4138
tree	874e2df6ef5eda2cef6481a73b40488b45de7326	tree \| snapshot
parent	359c199634ef82d2b406858b8b71672058f76290	commit \| diff

ppp: Security fix CVE-2020-8597

CVE-2020-8597: eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname
buffer overflow in the eap_request and eap_response functions.

References:
https://nvd.nist.gov/vuln/detail/CVE-2020-8597

Patch from:
https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

meta/recipes-connectivity/ppp/ppp/0001-pppd-Fix-bounds-check-in-EAP-code.patch	[new file with mode: 0644]	blob
meta/recipes-connectivity/ppp/ppp_2.4.7.bb		diff \| blob \| history

Mirror of the official openembedded-core repository

RSS Atom