We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hello,
reported in many places but appearently never got upstreamed:
If the PID exceeds 16 bit, the sprintf statement in rc_mksid results in a buffer overflow:
rc_mksid
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3310 https://bugs.debian.org/782450
Note the patch in Debian is just a workaround and should be % 65536 - obviously the better solution was to enhance the buffer size.
% 65536
The text was updated successfully, but these errors were encountered:
Fixed by 858976b.
Sorry, something went wrong.
[ppp] [pppd] Add CVE-2015-3310.patch. JB#48797
dfa4a67
See ppp-project/ppp#86 and https://git.archlinux.org/svntogit/packages.git/tree/trunk?h=packages/ppp Signed-off-by: Alexey Andreev <a.andreev@omprussia.ru>
ppp: remove upstream patch
6633a67
ppp-project/ppp#86 Fixed via ppp-project/ppp@858976b
No branches or pull requests
Hello,
reported in many places but appearently never got upstreamed:
If the PID exceeds 16 bit, the sprintf statement in
rc_mksid
results in a buffer overflow:https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3310
https://bugs.debian.org/782450
Note the patch in Debian is just a workaround and should be
% 65536
- obviously the better solution was to enhance the buffer size.The text was updated successfully, but these errors were encountered: