-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3079-1 security@xxxxxxxxxx http://www.debian.org/security/ Sebastien Delafond November 28, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ppp CVE ID : CVE-2014-3158 Debian Bug : 762789 A vulnerability was discovered in ppp, an implementation of the Point-to-Point Protocol: an integer overflow in the routine responsible for parsing user-supplied options potentially allows a local attacker to gain root privileges. For the stable distribution (wheezy), this problem has been fixed in version 2.4.5-5.1+deb7u1. For the upcoming stable distribution (jessie) and unstable distribution (sid), this problem has been fixed in version 2.4.6-3. We recommend that you upgrade your ppp packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJUebE3AAoJEBC+iYPz1Z1k5CkH/i0PP96MZO0RVj3TNDEcgEZY lWhvheeCOJRgasJI+ZJ+a9/vLWoG0lqXtIh8Ae5foe53rIJhddRGnJ7g8uUemq/S EBWD8hBfxwR38fCMkJrbMVQU9wI6ZiCBWLJ6Vy/VpOBsWiX+r6cjFNlLvr6DN85l iU88nGORe/oRqxWBaPrJL7P9YCgo9T4KFXESqd30u3CoRwCNcWPjLmC+siyO0H3C XEnNhWCWdUuzGaZ2bVLOA3fjztsTiRO5hOd0dPWOBTtmjOKXpVWPtf4uzqPhFQN9 aETiRTa3+6RT5IZmLT2ehO1vzUBIXz8+DHWDQKASAFJfUpZx3Ts8TycGQo2pnQ8= =u0Hd -----END PGP SIGNATURE-----
