| Release | Version |
|---|---|
| jessie | 2.4.6-3.1+deb8u1 |
| stretch | 2.4.7-1+4+deb9u1 |
| buster | 2.4.7-2+4.1+deb10u1 |
| bullseye | 2.4.9-1+1 |
| bookworm | 2.4.9-1+1.1 |
| trixie | 2.5.0-1+2 |
| sid | 2.5.0-1+2 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-4603 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | A vulnerability classified as problematic has been found in ppp. Affec ... |
| CVE-2008-5367 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to o ... |
| CVE-2008-5366 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local u ... |
| Bug | Description |
|---|---|
| CVE-2020-15704 | The modprobe child process in the ./debian/patches/load_ppp_generic_if ... |
| CVE-2020-8597 | eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overf ... |
| CVE-2018-11574 | Improper input validation together with an integer overflow in the EAP ... |
| CVE-2015-3310 | Buffer overflow in the rc_mksid function in plugins/radius/util.c in P ... |
| CVE-2014-3158 | Integer overflow in the getword function in options.c in pppd in Paul' ... |
| CVE-2006-2194 | The winbind plugin in pppd for ppp 2.4.4 and earlier does not check th ... |
| CVE-2004-1002 | Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attack ... |
| DSA / DLA | Description |
|---|---|
| DSA-4632-1 | ppp - security update |
| DLA-2097-1 | ppp - security update |
| DLA-205-1 | ppp - security update |
| DSA-3228-1 | ppp - security update |
| DSA-3079-1 | ppp - security update |
| DLA-74-1 | ppp - security update |
| DSA-1106 | ppp - programming error |