Issued:
2020-02-27
Updated:
2020-02-27

RHSA-2020:0631 - Security Advisory

Synopsis

Important: ppp security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for ppp is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The ppp packages contain the Point-to-Point Protocol (PPP) daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an Internet Service Provider (ISP) or other organization over a modem and phone line.

Security Fix(es):

  • ppp: Buffer overflow in the eap_request and eap_response functions in eap.c (CVE-2020-8597)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux Server 6 i386
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
  • Red Hat Enterprise Linux Workstation 6 x86_64
  • Red Hat Enterprise Linux Workstation 6 i386
  • Red Hat Enterprise Linux Desktop 6 x86_64
  • Red Hat Enterprise Linux Desktop 6 i386
  • Red Hat Enterprise Linux for IBM z Systems 6 s390x
  • Red Hat Enterprise Linux for Power, big endian 6 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x

Fixes

  • BZ - 1800727 - CVE-2020-8597 ppp: Buffer overflow in the eap_request and eap_response functions in eap.c

Red Hat Enterprise Linux Server 6

SRPM
ppp-2.4.5-11.el6_10.src.rpm SHA-256: f5fc0e17edd2e875fb2d821c708f8ccbd31ff54e523ae6eecd5308d2a97288cf
x86_64
ppp-2.4.5-11.el6_10.x86_64.rpm SHA-256: dad6af65ede4dc5ab38a535e32406cda6560e412a52f60e6cad7fe0cce54f3a5
ppp-debuginfo-2.4.5-11.el6_10.i686.rpm SHA-256: a07038e9fb6f9312a61fe66b474e9755a2fb3214b3d6757ed98442c7ae50420a
ppp-debuginfo-2.4.5-11.el6_10.x86_64.rpm SHA-256: 8b4cdda0037a92961166a230b9ada445aeeff522cb4675b6c6d429ad60c4b86f
ppp-debuginfo-2.4.5-11.el6_10.x86_64.rpm SHA-256: 8b4cdda0037a92961166a230b9ada445aeeff522cb4675b6c6d429ad60c4b86f
ppp-devel-2.4.5-11.el6_10.i686.rpm SHA-256: 4d0e1bb4fdc21562faef13498136a9f85a9cfe190e8b2004bff37eaab6599825
ppp-devel-2.4.5-11.el6_10.x86_64.rpm SHA-256: a306f8fa07f4ff1cd7fc8a7efc36efa79497dff12b7800ee055efe73a3b3eacf
i386
ppp-2.4.5-11.el6_10.i686.rpm SHA-256: 0a2607e22859c1e12efe77589419e40605d8e495a921762865ea73deaa1cb164
ppp-debuginfo-2.4.5-11.el6_10.i686.rpm SHA-256: a07038e9fb6f9312a61fe66b474e9755a2fb3214b3d6757ed98442c7ae50420a
ppp-debuginfo-2.4.5-11.el6_10.i686.rpm SHA-256: a07038e9fb6f9312a61fe66b474e9755a2fb3214b3d6757ed98442c7ae50420a
ppp-devel-2.4.5-11.el6_10.i686.rpm SHA-256: 4d0e1bb4fdc21562faef13498136a9f85a9cfe190e8b2004bff37eaab6599825

Red Hat Enterprise Linux Server - Extended Life Cycle Support 6

SRPM
ppp-2.4.5-11.el6_10.src.rpm SHA-256: f5fc0e17edd2e875fb2d821c708f8ccbd31ff54e523ae6eecd5308d2a97288cf
x86_64
ppp-2.4.5-11.el6_10.x86_64.rpm SHA-256: dad6af65ede4dc5ab38a535e32406cda6560e412a52f60e6cad7fe0cce54f3a5
ppp-debuginfo-2.4.5-11.el6_10.i686.rpm SHA-256: a07038e9fb6f9312a61fe66b474e9755a2fb3214b3d6757ed98442c7ae50420a
ppp-debuginfo-2.4.5-11.el6_10.x86_64.rpm SHA-256: 8b4cdda0037a92961166a230b9ada445aeeff522cb4675b6c6d429ad60c4b86f
ppp-debuginfo-2.4.5-11.el6_10.x86_64.rpm SHA-256: 8b4cdda0037a92961166a230b9ada445aeeff522cb4675b6c6d429ad60c4b86f
ppp-devel-2.4.5-11.el6_10.i686.rpm SHA-256: 4d0e1bb4fdc21562faef13498136a9f85a9cfe190e8b2004bff37eaab6599825
ppp-devel-2.4.5-11.el6_10.x86_64.rpm SHA-256: a306f8fa07f4ff1cd7fc8a7efc36efa79497dff12b7800ee055efe73a3b3eacf
i386
ppp-2.4.5-11.el6_10.i686.rpm SHA-256: 0a2607e22859c1e12efe77589419e40605d8e495a921762865ea73deaa1cb164
ppp-debuginfo-2.4.5-11.el6_10.i686.rpm SHA-256: a07038e9fb6f9312a61fe66b474e9755a2fb3214b3d6757ed98442c7ae50420a
ppp-debuginfo-2.4.5-11.el6_10.i686.rpm SHA-256: a07038e9fb6f9312a61fe66b474e9755a2fb3214b3d6757ed98442c7ae50420a
ppp-devel-2.4.5-11.el6_10.i686.rpm SHA-256: 4d0e1bb4fdc21562faef13498136a9f85a9cfe190e8b2004bff37eaab6599825

Red Hat Enterprise Linux Workstation 6

SRPM
ppp-2.4.5-11.el6_10.src.rpm SHA-256: f5fc0e17edd2e875fb2d821c708f8ccbd31ff54e523ae6eecd5308d2a97288cf
x86_64
ppp-2.4.5-11.el6_10.x86_64.rpm SHA-256: dad6af65ede4dc5ab38a535e32406cda6560e412a52f60e6cad7fe0cce54f3a5
ppp-debuginfo-2.4.5-11.el6_10.i686.rpm SHA-256: a07038e9fb6f9312a61fe66b474e9755a2fb3214b3d6757ed98442c7ae50420a
ppp-debuginfo-2.4.5-11.el6_10.x86_64.rpm SHA-256: 8b4cdda0037a92961166a230b9ada445aeeff522cb4675b6c6d429ad60c4b86f
ppp-debuginfo-2.4.5-11.el6_10.x86_64.rpm SHA-256: 8b4cdda0037a92961166a230b9ada445aeeff522cb4675b6c6d429ad60c4b86f
ppp-devel-2.4.5-11.el6_10.i686.rpm SHA-256: 4d0e1bb4fdc21562faef13498136a9f85a9cfe190e8b2004bff37eaab6599825
ppp-devel-2.4.5-11.el6_10.x86_64.rpm SHA-256: a306f8fa07f4ff1cd7fc8a7efc36efa79497dff12b7800ee055efe73a3b3eacf
i386
ppp-2.4.5-11.el6_10.i686.rpm SHA-256: 0a2607e22859c1e12efe77589419e40605d8e495a921762865ea73deaa1cb164
ppp-debuginfo-2.4.5-11.el6_10.i686.rpm SHA-256: a07038e9fb6f9312a61fe66b474e9755a2fb3214b3d6757ed98442c7ae50420a
ppp-debuginfo-2.4.5-11.el6_10.i686.rpm SHA-256: a07038e9fb6f9312a61fe66b474e9755a2fb3214b3d6757ed98442c7ae50420a
ppp-devel-2.4.5-11.el6_10.i686.rpm SHA-256: 4d0e1bb4fdc21562faef13498136a9f85a9cfe190e8b2004bff37eaab6599825

Red Hat Enterprise Linux Desktop 6

SRPM
ppp-2.4.5-11.el6_10.src.rpm SHA-256: f5fc0e17edd2e875fb2d821c708f8ccbd31ff54e523ae6eecd5308d2a97288cf
x86_64
ppp-2.4.5-11.el6_10.x86_64.rpm SHA-256: dad6af65ede4dc5ab38a535e32406cda6560e412a52f60e6cad7fe0cce54f3a5
ppp-debuginfo-2.4.5-11.el6_10.i686.rpm SHA-256: a07038e9fb6f9312a61fe66b474e9755a2fb3214b3d6757ed98442c7ae50420a
ppp-debuginfo-2.4.5-11.el6_10.x86_64.rpm SHA-256: 8b4cdda0037a92961166a230b9ada445aeeff522cb4675b6c6d429ad60c4b86f
ppp-debuginfo-2.4.5-11.el6_10.x86_64.rpm SHA-256: 8b4cdda0037a92961166a230b9ada445aeeff522cb4675b6c6d429ad60c4b86f
ppp-devel-2.4.5-11.el6_10.i686.rpm SHA-256: 4d0e1bb4fdc21562faef13498136a9f85a9cfe190e8b2004bff37eaab6599825
ppp-devel-2.4.5-11.el6_10.x86_64.rpm SHA-256: a306f8fa07f4ff1cd7fc8a7efc36efa79497dff12b7800ee055efe73a3b3eacf
i386
ppp-2.4.5-11.el6_10.i686.rpm SHA-256: 0a2607e22859c1e12efe77589419e40605d8e495a921762865ea73deaa1cb164
ppp-debuginfo-2.4.5-11.el6_10.i686.rpm SHA-256: a07038e9fb6f9312a61fe66b474e9755a2fb3214b3d6757ed98442c7ae50420a
ppp-debuginfo-2.4.5-11.el6_10.i686.rpm SHA-256: a07038e9fb6f9312a61fe66b474e9755a2fb3214b3d6757ed98442c7ae50420a
ppp-devel-2.4.5-11.el6_10.i686.rpm SHA-256: 4d0e1bb4fdc21562faef13498136a9f85a9cfe190e8b2004bff37eaab6599825

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
ppp-2.4.5-11.el6_10.src.rpm SHA-256: f5fc0e17edd2e875fb2d821c708f8ccbd31ff54e523ae6eecd5308d2a97288cf
s390x
ppp-2.4.5-11.el6_10.s390x.rpm SHA-256: c2f55921d92d8833f55b98d5b7d5d43711445ab811cbf29439379a6ec4827ebb
ppp-debuginfo-2.4.5-11.el6_10.s390.rpm SHA-256: c4395d78aeec65ad266466043b8d6a5329d4e64cc19d0cc3c103c2a9e1619a56
ppp-debuginfo-2.4.5-11.el6_10.s390x.rpm SHA-256: 12ee8fe8ea10f395451b822d31be3c29b88a44a2d727145a3513360061260400
ppp-debuginfo-2.4.5-11.el6_10.s390x.rpm SHA-256: 12ee8fe8ea10f395451b822d31be3c29b88a44a2d727145a3513360061260400
ppp-devel-2.4.5-11.el6_10.s390.rpm SHA-256: 62373a7bb017dc5fc4abcb76358d320bd02ad3fc557b02647573c224469c9cfb
ppp-devel-2.4.5-11.el6_10.s390x.rpm SHA-256: e8ea85a70bcc7e645785aa0f5cc29be3dc0bfb3e0f6c19670a6bace124e729bc

Red Hat Enterprise Linux for Power, big endian 6

SRPM
ppp-2.4.5-11.el6_10.src.rpm SHA-256: f5fc0e17edd2e875fb2d821c708f8ccbd31ff54e523ae6eecd5308d2a97288cf
ppc64
ppp-2.4.5-11.el6_10.ppc64.rpm SHA-256: f7a0e07644d5a43a719dc2696de337b48a6b62eb022380c4f21e9da6c5b3e1b8
ppp-debuginfo-2.4.5-11.el6_10.ppc.rpm SHA-256: 60a81638ae8eb31c001c7e58ae92f4b7e1225d308591bed501079f4d4279aacf
ppp-debuginfo-2.4.5-11.el6_10.ppc64.rpm SHA-256: 96f8eb1d8cea6cf6df81dc5ae4b975489f181fc05727cdeaccd0520b91cf8a42
ppp-debuginfo-2.4.5-11.el6_10.ppc64.rpm SHA-256: 96f8eb1d8cea6cf6df81dc5ae4b975489f181fc05727cdeaccd0520b91cf8a42
ppp-devel-2.4.5-11.el6_10.ppc.rpm SHA-256: 56e53ee15f71fac9234d5fd51f728ceb77456c1c82ac3da6934de314c37e31d9
ppp-devel-2.4.5-11.el6_10.ppc64.rpm SHA-256: 5757c5ddac64c1922c9e69f052ed0cf6bcdbd5c795d6f7c3935b5b6a47140483

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
ppp-2.4.5-11.el6_10.src.rpm SHA-256: f5fc0e17edd2e875fb2d821c708f8ccbd31ff54e523ae6eecd5308d2a97288cf
x86_64
ppp-2.4.5-11.el6_10.x86_64.rpm SHA-256: dad6af65ede4dc5ab38a535e32406cda6560e412a52f60e6cad7fe0cce54f3a5
ppp-debuginfo-2.4.5-11.el6_10.i686.rpm SHA-256: a07038e9fb6f9312a61fe66b474e9755a2fb3214b3d6757ed98442c7ae50420a
ppp-debuginfo-2.4.5-11.el6_10.x86_64.rpm SHA-256: 8b4cdda0037a92961166a230b9ada445aeeff522cb4675b6c6d429ad60c4b86f
ppp-debuginfo-2.4.5-11.el6_10.x86_64.rpm SHA-256: 8b4cdda0037a92961166a230b9ada445aeeff522cb4675b6c6d429ad60c4b86f
ppp-devel-2.4.5-11.el6_10.i686.rpm SHA-256: 4d0e1bb4fdc21562faef13498136a9f85a9cfe190e8b2004bff37eaab6599825
ppp-devel-2.4.5-11.el6_10.x86_64.rpm SHA-256: a306f8fa07f4ff1cd7fc8a7efc36efa79497dff12b7800ee055efe73a3b3eacf

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6

SRPM
ppp-2.4.5-11.el6_10.src.rpm SHA-256: f5fc0e17edd2e875fb2d821c708f8ccbd31ff54e523ae6eecd5308d2a97288cf
s390x
ppp-2.4.5-11.el6_10.s390x.rpm SHA-256: c2f55921d92d8833f55b98d5b7d5d43711445ab811cbf29439379a6ec4827ebb
ppp-debuginfo-2.4.5-11.el6_10.s390.rpm SHA-256: c4395d78aeec65ad266466043b8d6a5329d4e64cc19d0cc3c103c2a9e1619a56
ppp-debuginfo-2.4.5-11.el6_10.s390x.rpm SHA-256: 12ee8fe8ea10f395451b822d31be3c29b88a44a2d727145a3513360061260400
ppp-debuginfo-2.4.5-11.el6_10.s390x.rpm SHA-256: 12ee8fe8ea10f395451b822d31be3c29b88a44a2d727145a3513360061260400
ppp-devel-2.4.5-11.el6_10.s390.rpm SHA-256: 62373a7bb017dc5fc4abcb76358d320bd02ad3fc557b02647573c224469c9cfb
ppp-devel-2.4.5-11.el6_10.s390x.rpm SHA-256: e8ea85a70bcc7e645785aa0f5cc29be3dc0bfb3e0f6c19670a6bace124e729bc

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.