ppp: backport security fixes
authorPetr Štetiar <ynezz@true.cz>
Thu, 20 Feb 2020 08:03:54 +0000 (09:03 +0100)
committerJo-Philipp Wich <jo@mein.io>
Wed, 26 Feb 2020 15:38:43 +0000 (16:38 +0100)
commit35890514bb191de3ab96dcd684714850a9142efc
treedffaf554ef38e457d0c893b6798639862a07de3d
parent817e77531942e6cc541e6cc92c6eb3655fe63b23
ppp: backport security fixes

8d45443bb5c9 pppd: Ignore received EAP messages when not doing EAP
8d7970b8f3db pppd: Fix bounds check in EAP code
858976b1fc31 radius: Prevent buffer overflow in rc_mksid()

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Fixes: CVE-2020-8597
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
package/network/services/ppp/Makefile
package/network/services/ppp/patches/700-radius-Prevent-buffer-overflow-in-rc_mksid.patch [new file with mode: 0644]
package/network/services/ppp/patches/701-pppd-Fix-bounds-check-in-EAP-code.patch [new file with mode: 0644]
package/network/services/ppp/patches/702-pppd-Ignore-received-EAP-messages-when-not-doing-EAP.patch [new file with mode: 0644]