news 28 Posted April 19, 2015 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : ppp Version : 2.4.5-4+deb6u2 CVE ID : CVE-2015-3310 Debian Bug : 782450 Emanuele Rocca discovered that ppp, a daemon implementing the Point-to-Point Protocol, was subject to a buffer overflow when communicating with a RADIUS server. This would allow unauthenticated users to cause a denial-of-service by crashing the daemon. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQJ8BAEBCgBmBQJVM8/xXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5 NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHM0sQALofe4UHb5HdWl7ZA6i7DuX7 GqocCUTzETxZeNSGRc+I5HJYbxsKey76GVB+o+3S9FUk1EYc0qK9n/ekjRnA75oD PL6JqrNrb0AE8HCiMNVDSaNBwPEg4Tkz8NlavT4gJk4A8jfgr3XXjJrKzUbmiomw OVzkPsdxIEELmK/anao+PAn5nCIdnmiYsMjzxqbaZ/Gtuj8iqHE2bcOlU0s1f7Qn AoBY11unBQsk9dcUcebUiJUF2TEhrcM/QUWSKbJhGEuyyoJT+HeATG5XCZt3V+IV fUYNS3okU123xkz6EtK6WVAccbRNb+vux2oTU17ny+c129s2cLKomopa/vsqSDqC DebZkyvcZ/CVFSjgy3QhBiPGkKhatBKF1MEb2EXJQPDmeoPwALfP7NjxEpQVsImg 009VwWjUECiYVdacVDV+1kfhttpIOH4vc1kqYkcdvVcjg7UTuZdH6Ar9OFs5aT6q ugM/SBhoPv/dFtN2+mwlYtJ6yveMZlllOt0LvFJaAql/cHWOgWy0BWGJtTl9o7Vp aYnYtT/Vw8roG/2rJgTrz9OQfhVz3otMvWIil6fg6OJQ8MMcdjJToG3y65o6PFSr +FSGVJROSn9rYbyWRX7+cVQ3PiorCPJ2HcoWWMvCWEOg6LCbSQfd6tcSXlEaAHkN sJfDZdt7eDx7gW29fKCy =0xci -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-lts-announce-request ( -at -) lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster ( -at -) lists.debian.org Archive: https://lists.debian.org/alpine.DEB.2.02.1504191754300.26500 ( -at -) jupiter.server.alteholz.net Share this post Link to post