Advisories » MGASA-2014-0368

Updated ppp packages fix a security vulnerability

Publication date: 05 Sep 2014
Modification date: 05 Sep 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-3158

Description

Updated ppp packages fix security vulnerability:

A vulnerability in ppp before 2.4.7 may enable an unprivileged attacker to
access privileged options (CVE-2014-3158).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=13996
• https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136932.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3158

SRPMS

3/core

• ppp-2.4.5-15.3.mga3

4/core

• ppp-2.4.5-17.1.mga4