ppp: backport security fixes
authorPetr Štetiar <ynezz@true.cz>
Thu, 20 Feb 2020 08:03:54 +0000 (09:03 +0100)
committerJo-Philipp Wich <jo@mein.io>
Wed, 26 Feb 2020 15:42:06 +0000 (16:42 +0100)
commit4c1779ac2cb4face8676c470aa366161db7c6534
treea4a933bc07464b7a9c2c16237db53c8bd3c803cb
parentcd262f59cbf1bbf9af344196291d256e6a3351f1
ppp: backport security fixes

8d45443bb5c9 pppd: Ignore received EAP messages when not doing EAP
8d7970b8f3db pppd: Fix bounds check in EAP code
858976b1fc31 radius: Prevent buffer overflow in rc_mksid()

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 215598fd03899c19a9cd26266221269dd5ec8cee)
Fixes: CVE-2020-8597
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
package/network/services/ppp/Makefile
package/network/services/ppp/patches/700-radius-Prevent-buffer-overflow-in-rc_mksid.patch [new file with mode: 0644]
package/network/services/ppp/patches/701-pppd-Fix-bounds-check-in-EAP-code.patch [new file with mode: 0644]
package/network/services/ppp/patches/702-pppd-Ignore-received-EAP-messages-when-not-doing-EAP.patch [new file with mode: 0644]