Subject: CVS commit: [netbsd-3-0] src/sys/net
To: None <source-changes@NetBSD.org>
From: Matthias Scheler <tron@netbsd.org>
List: source-changes
Date: 08/23/2006 20:14:15
Module Name: src
Committed By: tron
Date: Wed Aug 23 20:14:15 UTC 2006
Modified Files:
src/sys/net [netbsd-3-0]: if_spppsubr.c
Log Message:
Pull up following revision(s) (requested by adrianp in ticket #1476):
sys/net/if_spppsubr.c: revision 1.96
A problem has been identified in the in-kernel PPP code shared by ISDN PPP
interfaces ippp(4) and pppoe(4). Insufficient checking of options presented
by the peer may cause writing of copies of the malicious input beyond the
end of a buffer allocated for that purpose.
Issue found by pavel@
Fix from martin@
This is SA2006-019 (CVE-2006-4304)
To generate a diff of this commit:
cvs rdiff -r1.82 -r1.82.4.1 src/sys/net/if_spppsubr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.