]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 8cd1150) | patch
ppp: Security fix CVE-2020-8597
authorYi Zhao <yi.zhao@windriver.com>
Thu, 13 Feb 2020 08:55:01 +0000 (16:55 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Fri, 14 Feb 2020 13:04:48 +0000 (13:04 +0000)
commitb01505e018ff46f1af34f98219d55f4ca700cd5a
tree2c8f906f998b7c5facb3273d8601563917489dd1tree | snapshot
parent8cd1150a813ba7aa395f3f62c6b91a3561e81c92commit | diff
ppp: Security fix CVE-2020-8597

CVE-2020-8597: eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname
buffer overflow in the eap_request and eap_response functions.

References:
https://nvd.nist.gov/vuln/detail/CVE-2020-8597

Patch from:
https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-connectivity/ppp/ppp/0001-pppd-Fix-bounds-check-in-EAP-code.patch [new file with mode: 0644] blob
meta/recipes-connectivity/ppp/ppp_2.4.7.bb diff | blob | history
Mirror of the official openembedded-core repository