| Release | Version |
|---|---|
| bullseye | 2.4.9-1+1 |
| bookworm | 2.4.9-1+1.1 |
| trixie | 2.5.2-1+1 |
| forky | 2.5.2-1+1.1 |
| sid | 2.5.2-1+1.1 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2024-58250 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | The passprompt plugin in pppd in ppp before 2.5.2 mishandles privilege ... |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2022-4603 | vulnerable | vulnerable | fixed | fixed | fixed | A vulnerability classified as problematic has been found in ppp. Affec ... |
| CVE-2008-5367 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to o ... |
| CVE-2008-5366 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local u ... |
| Bug | Description |
|---|---|
| CVE-2020-15704 | The modprobe child process in the ./debian/patches/load_ppp_generic_if ... |
| CVE-2020-8597 | eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overf ... |
| CVE-2018-11574 | Improper input validation together with an integer overflow in the EAP ... |
| CVE-2015-3310 | Buffer overflow in the rc_mksid function in plugins/radius/util.c in P ... |
| CVE-2014-3158 | Integer overflow in the getword function in options.c in pppd in Paul' ... |
| CVE-2006-2194 | The winbind plugin in pppd for ppp 2.4.4 and earlier does not check th ... |
| CVE-2004-1002 | Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attack ... |
| DSA / DLA | Description |
|---|---|
| DSA-4632-1 | ppp - security update |
| DLA-2097-1 | ppp - security update |
| DLA-205-1 | ppp - security update |
| DSA-3228-1 | ppp - security update |
| DSA-3079-1 | ppp - security update |
| DLA-74-1 | ppp - security update |
| DSA-1106 | ppp - programming error |