wallenstein/void-packages
1
0
Fork 0
mirror of https://github.com/void-linux/void-packages.git synced 2025-06-05 06:33:50 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

ppp: patch for CVE-2020-8497, add vlicense

Browse source
This commit is contained in:
Andrew Benson 2020-03-06 07:23:09 -06:00 committed by Duncan Overbruck
parent b34e7524ac
commit 12d79272bd
2 changed files with 45 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

39
srcpkgs/ppp/patches/CVE-2020-8597.patch Normal file
View file

@ -0,0 +1,39 @@
https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426.patch
From 8d7970b8f3db727fe798b65f3377fe6787575426 Mon Sep 17 00:00:00 2001
From: Paul Mackerras <paulus@ozlabs.org>
Date: Mon, 3 Feb 2020 15:53:28 +1100
Subject: [PATCH] pppd: Fix bounds check in EAP code
Given that we have just checked vallen < len, it can never be the case
that vallen >= len + sizeof(rhostname). This fixes the check so we
actually avoid overflowing the rhostname array.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
---
pppd/eap.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pppd/eap.c b/pppd/eap.c
index 94407f56..1b93db01 100644
--- pppd/eap.c
+++ pppd/eap.c
@@ -1420,7 +1420,7 @@ int len;
}
/* Not so likely to happen. */
- if (vallen >= len + sizeof (rhostname)) {
+ if (len - vallen >= sizeof (rhostname)) {
dbglog("EAP: trimming really long peer name down");
BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
rhostname[sizeof (rhostname) - 1] = '\0';
@@ -1846,7 +1846,7 @@ int len;
}
/* Not so likely to happen. */
- if (vallen >= len + sizeof (rhostname)) {
+ if (len - vallen >= sizeof (rhostname)) {
dbglog("EAP: trimming really long peer name down");
BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
rhostname[sizeof (rhostname) - 1] = '\0';

9
srcpkgs/ppp/template
View file

@ -1,12 +1,12 @@
# Template file for 'ppp' # Template file for 'ppp'
pkgname=ppp pkgname=ppp
version=2.4.7 version=2.4.7
revision=10 revision=11
makedepends="libpcap-devel libressl-devel" makedepends="libpcap-devel libressl-devel"
short_desc="PPP (Point-to-Point Protocol) daemon" short_desc="PPP (Point-to-Point Protocol) daemon"
homepage="https://ppp.samba.org/"
license="BSD-3-Clause, LGPL-2.0-or-later, GPL-2.0-or-later, Public Domain"
maintainer="Orphaned <orphan@voidlinux.org>" maintainer="Orphaned <orphan@voidlinux.org>"
license="BSD-3-Clause, LGPL-2.0-or-later, GPL-2.0-or-later, Public Domain"
homepage="https://ppp.samba.org/"
distfiles="https://ftp.samba.org/pub/ppp/ppp-$version.tar.gz" distfiles="https://ftp.samba.org/pub/ppp/ppp-$version.tar.gz"
checksum=02e0a3dd3e4799e33103f70ec7df75348c8540966ee7c948e4ed8a42bbccfb30 checksum=02e0a3dd3e4799e33103f70ec7df75348c8540966ee7c948e4ed8a42bbccfb30
make_dirs=" make_dirs="
@ -79,6 +79,9 @@ do_install() {
vinstall etc.ppp/pap-secrets 600 etc/ppp vinstall etc.ppp/pap-secrets 600 etc/ppp
vinstall etc.ppp/chap-secrets 600 etc/ppp vinstall etc.ppp/chap-secrets 600 etc/ppp
head -n67 pppd/main.c > LICENSE
vlicense LICENSE
} }
ppp-devel_package() { ppp-devel_package() {