Package: ppp Severity: grave Tags: security Hi, the following vulnerability was published for ppp.
CVE-2014-3158[0]: Potential integer overflow in option parsing This is fixed in this commit https://github.com/paulusmack/ppp/commit/7658e8257183f062dc01f87969c140707c7e52cb and in the 2.4.7 upstream release. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3158 https://security-tracker.debian.org/tracker/CVE-2014-3158 http://marc.info/?l=linux-ppp&m=140764978420764 Please adjust the affected versions in the BTS as needed. Cheers, -- Raphaël Hertzog ◈ Debian Developer Discover the Debian Administrator's Handbook: → http://debian-handbook.info/get/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
