From ae7ba71314760aee10a968a214cf7c1b66c638d89c6888d843c2cce23c6b6288 Mon Sep 17 00:00:00 2001 From: Reinhard Max Date: Fri, 13 Nov 2015 15:39:47 +0000 Subject: [PATCH] - bnc#927841, CVE-2015-3310: Fix buffer overflow in radius plug-in's rc_mksid(). OBS-URL: https://build.opensuse.org/package/show/network/ppp?expand=0&rev=32 --- ppp-CVE-2015-3310.patch | 13 +++++++++++++ ppp.changes | 6 ++++++ ppp.spec | 2 ++ 3 files changed, 21 insertions(+) create mode 100644 ppp-CVE-2015-3310.patch diff --git a/ppp-CVE-2015-3310.patch b/ppp-CVE-2015-3310.patch new file mode 100644 index 0000000..942edf1 --- /dev/null +++ b/ppp-CVE-2015-3310.patch @@ -0,0 +1,13 @@ +--- pppd/plugins/radius/util.c ++++ pppd/plugins/radius/util.c +@@ -77,7 +77,7 @@ rc_mksid (void) + static unsigned short int cnt = 0; + sprintf (buf, "%08lX%04X%02hX", + (unsigned long int) time (NULL), +- (unsigned int) getpid (), ++ (unsigned int) getpid () % 65535, + cnt & 0xFF); + cnt++; + return buf; + + diff --git a/ppp.changes b/ppp.changes index 768e4b1..4dda2a7 100644 --- a/ppp.changes +++ b/ppp.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Fri Nov 13 15:26:03 UTC 2015 - max@suse.com + +- bnc#927841, CVE-2015-3310: Fix buffer overflow in radius + plug-in's rc_mksid(). + ------------------------------------------------------------------- Wed Nov 19 03:11:00 UTC 2014 - Led diff --git a/ppp.spec b/ppp.spec index 33e4b68..ded859e 100644 --- a/ppp.spec +++ b/ppp.spec @@ -69,6 +69,7 @@ Patch19: ppp-2.4.4-strncatfix.patch Patch21: ppp-2.4.6-lib64.patch Patch22: ppp-2.4.4-var_run_resolv_conf.patch Patch23: ppp-send-padt.patch +Patch24: ppp-CVE-2015-3310.patch %description The ppp package contains the PPP (Point-to-Point Protocol) daemon, @@ -109,6 +110,7 @@ plugins for the pppd. %endif %patch22 %patch23 -p1 +%patch24 sed -i -e '1s/local\///' scripts/secure-card find scripts -type f | xargs chmod a-x find -type f -name '*.orig' | xargs rm -f