drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in ppp
Name: |
Pufferüberlauf in ppp |
|
ID: |
DSA-3228-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian wheezy |
|
Datum: |
Do, 16. April 2015, 13:26 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3310 |
|
Applikationen: |
ppp |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3228-1 security@debian.org http://www.debian.org/security/ Sebastien Delafond April 16, 2015 http://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : ppp CVE ID : CVE-2015-3310 Debian Bug : 782450
Emanuele Rocca discovered that ppp, a daemon implementing the Point-to-Point Protocol, was subject to a buffer overflow when communicating with a RADIUS server. This would allow unauthenticated users to cause a denial-of-service by crashing the daemon.
For the stable distribution (wheezy), this problem has been fixed in version 2.4.5-5.1+deb7u2.
For the upcoming stable distribution (jessie) and unstable distribution (sid), this problem has been fixed in version 2.4.6-3.1.
We recommend that you upgrade your ppp packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQEcBAEBCAAGBQJVL2reAAoJEBC+iYPz1Z1knigH/3VwF1EmHuFPoxe3shWov7+9 8emJ34eqfLhO2rkZ/gXntad+1uhBcNVIAhMOL0vQXaih8vfNSxG7gydqNg8CVjKn k2CBWo8lPD/CBjpjn7XbxzcdJrayX+E+Pj87W8StsjlzRMawrCFN3ptKUhPn961V ZwdG9wQzdtunlWy7mHYdE9/inlV/mLaC2Q9/tC2Iew3/Su0gCpyEFjJ3lGs55B4d 4JzOwnzrXtrdFTOUME9FGog8KNAr16w1kQ1ii6++PoAJV1p/mMGwrRccQA5j6F4r OlyyPRuncASH4xwO3NzaDBcSHXzs+TaERxatYWW9kIeTr2eEel+NE8POCiCKy5w= =KXp8 -----END PGP SIGNATURE-----
-- To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: https://lists.debian.org/E1YihX6-0001zy-Qh@pool.mine.nu
|
|
|
|