ppp: backport security fixes
authorPetr Štetiar <ynezz@true.cz>
Thu, 20 Feb 2020 08:03:54 +0000 (09:03 +0100)
committerJo-Philipp Wich <jo@mein.io>
Wed, 26 Feb 2020 15:40:43 +0000 (16:40 +0100)
commitcf118077cd4f909a7ad68e6efdc07fe93f63b650
tree46ed6e0d0f8be9d3060b42a07fb979cb550deb4b
parent0e9e5b15538e530a88572bc58c689afeba91c0fe
ppp: backport security fixes

8d45443bb5c9 pppd: Ignore received EAP messages when not doing EAP
8d7970b8f3db pppd: Fix bounds check in EAP code
858976b1fc31 radius: Prevent buffer overflow in rc_mksid()

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 215598fd03899c19a9cd26266221269dd5ec8cee)
Fixes: CVE-2020-8597
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
package/network/services/ppp/Makefile
package/network/services/ppp/patches/700-radius-Prevent-buffer-overflow-in-rc_mksid.patch [new file with mode: 0644]
package/network/services/ppp/patches/701-pppd-Fix-bounds-check-in-EAP-code.patch [new file with mode: 0644]
package/network/services/ppp/patches/702-pppd-Ignore-received-EAP-messages-when-not-doing-EAP.patch [new file with mode: 0644]