Advisories » MGASA-2015-0173

Updated ppp packages fix CVE-2015-3310

Publication date: 30 Apr 2015
Modification date: 30 Apr 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-3310

Description

Updated ppp packages fix security vulnerability:

Emanuele Rocca discovered that ppp was subject to a buffer overflow when
communicating with a RADIUS server. This would allow unauthenticated users to
cause a denial-of-service by crashing the daemon (CVE-2015-3310).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=15714
• https://www.debian.org/security/2015/dsa-3228
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3310

SRPMS

4/core

• ppp-2.4.5-17.2.mga4