Project

General

Profile

Bug #5378

CVE-2014-3158 ppp: integer overflow in option parsing

Added by Alexander Pyhalov over 5 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Start date:
2014-12-01
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage
Gerrit CR:

Description

There is a security update to ppp. The code is close enough to illumos, so I suspect that illumos ppp is also affected. Link to commit with fix in ppp repository - https://github.com/paulusmack/ppp/commit/7658e8257183f062dc01f87969c140707c7e52cb . Link to the issue in RedHat issue tracker: https://bugzilla.redhat.com/show_bug.cgi?id=1128748.

History

#1

Updated by Rich Lowe over 5 years ago

  • Subject changed from CVE-2014-3158 ppp: integer overflow in option parsing to CVE-2014-3158 ppp: integer overflow in option parsing
#2

Updated by Electric Monk over 5 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

git commit 084c18406d32a8fbb6b9a40d864e7c7ddb5b4d9d

commit  084c18406d32a8fbb6b9a40d864e7c7ddb5b4d9d
Author: Alexander Pyhalov <apyhalov@gmail.com>
Date:   2014-12-02T23:22:55.000Z

    5378 CVE-2014-3158 ppp: integer overflow in option parsing
    Reviewed by: Robert Mustacchi <rm@joyent.com>
    Approved by: Richard Lowe <richlowe@richlowe.net>

Also available in: Atom PDF