Red Hat Product Errata RHSA-2020:0633 - Security Advisory

Issued:: 2020-02-27
Updated:: 2020-02-27

RHSA-2020:0633 - Security Advisory

Overview
Updated Packages

Synopsis

Important: ppp security update

Type/Severity

Security Advisory: Important

Topic

An update for ppp is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The ppp packages contain the Point-to-Point Protocol (PPP) daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an Internet Service Provider (ISP) or other organization over a modem and phone line.

Security Fix(es):

ppp: Buffer overflow in the eap_request and eap_response functions in eap.c (CVE-2020-8597)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
Red Hat CodeReady Linux Builder for x86_64 8 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.1 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.1 aarch64

Fixes

BZ - 1800727 - CVE-2020-8597 ppp: Buffer overflow in the eap_request and eap_response functions in eap.c

CVEs

CVE-2020-8597

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
ppp-2.4.7-26.el8_1.src.rpm	SHA-256: f70bc83b0ebc173d7cd7fcda7e5def6c1fb628cf5bc6b9d122da7ed481eddaf7
x86_64
ppp-2.4.7-26.el8_1.x86_64.rpm	SHA-256: 01f69d0315ebcbc32cb9f00865e40102dcf5237212cab5e961b242007c62eccc
ppp-debuginfo-2.4.7-26.el8_1.x86_64.rpm	SHA-256: 0ea03501f9ad9cbeebead9f42e60fc476799fc447fa7b9c0c9cd128e959711b3
ppp-debugsource-2.4.7-26.el8_1.x86_64.rpm	SHA-256: c23b1884733d2fc2090ac8a65ef3b4ac3ab48169f3e7bcfd039e7050483230a1

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1

SRPM
ppp-2.4.7-26.el8_1.src.rpm	SHA-256: f70bc83b0ebc173d7cd7fcda7e5def6c1fb628cf5bc6b9d122da7ed481eddaf7
x86_64
ppp-2.4.7-26.el8_1.x86_64.rpm	SHA-256: 01f69d0315ebcbc32cb9f00865e40102dcf5237212cab5e961b242007c62eccc
ppp-debuginfo-2.4.7-26.el8_1.x86_64.rpm	SHA-256: 0ea03501f9ad9cbeebead9f42e60fc476799fc447fa7b9c0c9cd128e959711b3
ppp-debugsource-2.4.7-26.el8_1.x86_64.rpm	SHA-256: c23b1884733d2fc2090ac8a65ef3b4ac3ab48169f3e7bcfd039e7050483230a1

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
ppp-2.4.7-26.el8_1.src.rpm	SHA-256: f70bc83b0ebc173d7cd7fcda7e5def6c1fb628cf5bc6b9d122da7ed481eddaf7
s390x
network-scripts-ppp-2.4.7-26.el8_1.s390x.rpm	SHA-256: 73dd7f531e6ffdea662b80acb516e0c5f3af2d221065534fd8b8a2273fc740d6
ppp-2.4.7-26.el8_1.s390x.rpm	SHA-256: f0a6dd26e9caae9f937f2da56824362a153f384ee1eb62133915dace5cf2c229
ppp-debuginfo-2.4.7-26.el8_1.s390x.rpm	SHA-256: f294d3744db5545bb0a0f17f2c0e9dbba2319a0add1c13d1dff952880193a0e9
ppp-debuginfo-2.4.7-26.el8_1.s390x.rpm	SHA-256: f294d3744db5545bb0a0f17f2c0e9dbba2319a0add1c13d1dff952880193a0e9
ppp-debugsource-2.4.7-26.el8_1.s390x.rpm	SHA-256: 2272f84fe258e55c0988b6bb0099a4e32e9fcc3370e92ee6c66f8c956b7d06a4
ppp-debugsource-2.4.7-26.el8_1.s390x.rpm	SHA-256: 2272f84fe258e55c0988b6bb0099a4e32e9fcc3370e92ee6c66f8c956b7d06a4

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1

SRPM
ppp-2.4.7-26.el8_1.src.rpm	SHA-256: f70bc83b0ebc173d7cd7fcda7e5def6c1fb628cf5bc6b9d122da7ed481eddaf7
s390x
network-scripts-ppp-2.4.7-26.el8_1.s390x.rpm	SHA-256: 73dd7f531e6ffdea662b80acb516e0c5f3af2d221065534fd8b8a2273fc740d6
ppp-2.4.7-26.el8_1.s390x.rpm	SHA-256: f0a6dd26e9caae9f937f2da56824362a153f384ee1eb62133915dace5cf2c229
ppp-debuginfo-2.4.7-26.el8_1.s390x.rpm	SHA-256: f294d3744db5545bb0a0f17f2c0e9dbba2319a0add1c13d1dff952880193a0e9
ppp-debuginfo-2.4.7-26.el8_1.s390x.rpm	SHA-256: f294d3744db5545bb0a0f17f2c0e9dbba2319a0add1c13d1dff952880193a0e9
ppp-debugsource-2.4.7-26.el8_1.s390x.rpm	SHA-256: 2272f84fe258e55c0988b6bb0099a4e32e9fcc3370e92ee6c66f8c956b7d06a4
ppp-debugsource-2.4.7-26.el8_1.s390x.rpm	SHA-256: 2272f84fe258e55c0988b6bb0099a4e32e9fcc3370e92ee6c66f8c956b7d06a4

Red Hat Enterprise Linux for Power, little endian 8

SRPM
ppp-2.4.7-26.el8_1.src.rpm	SHA-256: f70bc83b0ebc173d7cd7fcda7e5def6c1fb628cf5bc6b9d122da7ed481eddaf7
ppc64le
ppp-2.4.7-26.el8_1.ppc64le.rpm	SHA-256: f91141cb62376ada42b55338bc05111de64ce4c26583dcec2b62547e9c2fef6c
ppp-debuginfo-2.4.7-26.el8_1.ppc64le.rpm	SHA-256: 4c8425b58fd18153c4de98fdd7608146a6883cb9097aace1f03f0efe0746de39
ppp-debugsource-2.4.7-26.el8_1.ppc64le.rpm	SHA-256: f0ccfd5548145e62fb75c547f22c41c642c740ec61d04980fc97f2e967cae8e7

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1

SRPM
ppp-2.4.7-26.el8_1.src.rpm	SHA-256: f70bc83b0ebc173d7cd7fcda7e5def6c1fb628cf5bc6b9d122da7ed481eddaf7
ppc64le
ppp-2.4.7-26.el8_1.ppc64le.rpm	SHA-256: f91141cb62376ada42b55338bc05111de64ce4c26583dcec2b62547e9c2fef6c
ppp-debuginfo-2.4.7-26.el8_1.ppc64le.rpm	SHA-256: 4c8425b58fd18153c4de98fdd7608146a6883cb9097aace1f03f0efe0746de39
ppp-debugsource-2.4.7-26.el8_1.ppc64le.rpm	SHA-256: f0ccfd5548145e62fb75c547f22c41c642c740ec61d04980fc97f2e967cae8e7

Red Hat Enterprise Linux for ARM 64 8

SRPM
ppp-2.4.7-26.el8_1.src.rpm	SHA-256: f70bc83b0ebc173d7cd7fcda7e5def6c1fb628cf5bc6b9d122da7ed481eddaf7
aarch64
ppp-2.4.7-26.el8_1.aarch64.rpm	SHA-256: 5ab6b6d4e9e53414c10b355bf74b02c185b9a5697d1e5291215f743f6aa3b77a
ppp-debuginfo-2.4.7-26.el8_1.aarch64.rpm	SHA-256: 40a6f736447c90162adaaaa8f8dde0b4192cb12240ff08ca62c0b97a5a0cc467
ppp-debugsource-2.4.7-26.el8_1.aarch64.rpm	SHA-256: e06c912e6471278ee42f577f137a114449a9f19600b8c66fe596ce8a512acd2c

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1

SRPM
ppp-2.4.7-26.el8_1.src.rpm	SHA-256: f70bc83b0ebc173d7cd7fcda7e5def6c1fb628cf5bc6b9d122da7ed481eddaf7
ppc64le
ppp-2.4.7-26.el8_1.ppc64le.rpm	SHA-256: f91141cb62376ada42b55338bc05111de64ce4c26583dcec2b62547e9c2fef6c
ppp-debuginfo-2.4.7-26.el8_1.ppc64le.rpm	SHA-256: 4c8425b58fd18153c4de98fdd7608146a6883cb9097aace1f03f0efe0746de39
ppp-debugsource-2.4.7-26.el8_1.ppc64le.rpm	SHA-256: f0ccfd5548145e62fb75c547f22c41c642c740ec61d04980fc97f2e967cae8e7

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1

SRPM
ppp-2.4.7-26.el8_1.src.rpm	SHA-256: f70bc83b0ebc173d7cd7fcda7e5def6c1fb628cf5bc6b9d122da7ed481eddaf7
x86_64
ppp-2.4.7-26.el8_1.x86_64.rpm	SHA-256: 01f69d0315ebcbc32cb9f00865e40102dcf5237212cab5e961b242007c62eccc
ppp-debuginfo-2.4.7-26.el8_1.x86_64.rpm	SHA-256: 0ea03501f9ad9cbeebead9f42e60fc476799fc447fa7b9c0c9cd128e959711b3
ppp-debugsource-2.4.7-26.el8_1.x86_64.rpm	SHA-256: c23b1884733d2fc2090ac8a65ef3b4ac3ab48169f3e7bcfd039e7050483230a1

Red Hat CodeReady Linux Builder for x86_64 8

SRPM
x86_64
ppp-2.4.7-26.el8_1.i686.rpm	SHA-256: d8d9ed0fbb5669eb71410e29a6d2242362c90d230918eab1be113e4f35023ac5
ppp-debuginfo-2.4.7-26.el8_1.i686.rpm	SHA-256: 31e91574f652ea97716502e9ac678cc8801c34163a25623201d8081f33dc75b8
ppp-debuginfo-2.4.7-26.el8_1.x86_64.rpm	SHA-256: 0ea03501f9ad9cbeebead9f42e60fc476799fc447fa7b9c0c9cd128e959711b3
ppp-debugsource-2.4.7-26.el8_1.i686.rpm	SHA-256: 4dea8c95ec24203e1a80323d5f6cd906e97fea94053e8bf095d09032ff74f5f3
ppp-debugsource-2.4.7-26.el8_1.x86_64.rpm	SHA-256: c23b1884733d2fc2090ac8a65ef3b4ac3ab48169f3e7bcfd039e7050483230a1
ppp-devel-2.4.7-26.el8_1.i686.rpm	SHA-256: 9208222688cb636842a98404919a0d92272e19c6b39659cf41ed4a88127813d5
ppp-devel-2.4.7-26.el8_1.x86_64.rpm	SHA-256: cee3d797597cd8f9827a535ff280d1565de46d00405d7c7dd2f2fb5a24c9601d

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM
ppc64le
ppp-debuginfo-2.4.7-26.el8_1.ppc64le.rpm	SHA-256: 4c8425b58fd18153c4de98fdd7608146a6883cb9097aace1f03f0efe0746de39
ppp-debugsource-2.4.7-26.el8_1.ppc64le.rpm	SHA-256: f0ccfd5548145e62fb75c547f22c41c642c740ec61d04980fc97f2e967cae8e7
ppp-devel-2.4.7-26.el8_1.ppc64le.rpm	SHA-256: ccd7da0ac1559e0e2a077ef02c393f79cbd3ca40eeb12a81f0d0ecbe4ff3fb0d

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM
aarch64
ppp-debuginfo-2.4.7-26.el8_1.aarch64.rpm	SHA-256: 40a6f736447c90162adaaaa8f8dde0b4192cb12240ff08ca62c0b97a5a0cc467
ppp-debugsource-2.4.7-26.el8_1.aarch64.rpm	SHA-256: e06c912e6471278ee42f577f137a114449a9f19600b8c66fe596ce8a512acd2c
ppp-devel-2.4.7-26.el8_1.aarch64.rpm	SHA-256: 6200979f4a7ffee17de33ceeba16e357ac3fa08a21fa5dadbb094e60876f159f

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM
s390x
ppp-debuginfo-2.4.7-26.el8_1.s390x.rpm	SHA-256: f294d3744db5545bb0a0f17f2c0e9dbba2319a0add1c13d1dff952880193a0e9
ppp-debugsource-2.4.7-26.el8_1.s390x.rpm	SHA-256: 2272f84fe258e55c0988b6bb0099a4e32e9fcc3370e92ee6c66f8c956b7d06a4
ppp-devel-2.4.7-26.el8_1.s390x.rpm	SHA-256: 34f9ebc51e05227eb4cb5fec11646dfe58aa9f6fab4ee9a4748ce6972338a9f4

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1

SRPM
ppp-2.4.7-26.el8_1.src.rpm	SHA-256: f70bc83b0ebc173d7cd7fcda7e5def6c1fb628cf5bc6b9d122da7ed481eddaf7
aarch64
ppp-2.4.7-26.el8_1.aarch64.rpm	SHA-256: 5ab6b6d4e9e53414c10b355bf74b02c185b9a5697d1e5291215f743f6aa3b77a
ppp-debuginfo-2.4.7-26.el8_1.aarch64.rpm	SHA-256: 40a6f736447c90162adaaaa8f8dde0b4192cb12240ff08ca62c0b97a5a0cc467
ppp-debugsource-2.4.7-26.el8_1.aarch64.rpm	SHA-256: e06c912e6471278ee42f577f137a114449a9f19600b8c66fe596ce8a512acd2c

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.1

SRPM
x86_64
ppp-2.4.7-26.el8_1.i686.rpm	SHA-256: d8d9ed0fbb5669eb71410e29a6d2242362c90d230918eab1be113e4f35023ac5
ppp-debuginfo-2.4.7-26.el8_1.i686.rpm	SHA-256: 31e91574f652ea97716502e9ac678cc8801c34163a25623201d8081f33dc75b8
ppp-debuginfo-2.4.7-26.el8_1.x86_64.rpm	SHA-256: 0ea03501f9ad9cbeebead9f42e60fc476799fc447fa7b9c0c9cd128e959711b3
ppp-debugsource-2.4.7-26.el8_1.i686.rpm	SHA-256: 4dea8c95ec24203e1a80323d5f6cd906e97fea94053e8bf095d09032ff74f5f3
ppp-debugsource-2.4.7-26.el8_1.x86_64.rpm	SHA-256: c23b1884733d2fc2090ac8a65ef3b4ac3ab48169f3e7bcfd039e7050483230a1
ppp-devel-2.4.7-26.el8_1.i686.rpm	SHA-256: 9208222688cb636842a98404919a0d92272e19c6b39659cf41ed4a88127813d5
ppp-devel-2.4.7-26.el8_1.x86_64.rpm	SHA-256: cee3d797597cd8f9827a535ff280d1565de46d00405d7c7dd2f2fb5a24c9601d

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.1

SRPM
ppc64le
ppp-debuginfo-2.4.7-26.el8_1.ppc64le.rpm	SHA-256: 4c8425b58fd18153c4de98fdd7608146a6883cb9097aace1f03f0efe0746de39
ppp-debugsource-2.4.7-26.el8_1.ppc64le.rpm	SHA-256: f0ccfd5548145e62fb75c547f22c41c642c740ec61d04980fc97f2e967cae8e7
ppp-devel-2.4.7-26.el8_1.ppc64le.rpm	SHA-256: ccd7da0ac1559e0e2a077ef02c393f79cbd3ca40eeb12a81f0d0ecbe4ff3fb0d

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.1

SRPM
s390x
ppp-debuginfo-2.4.7-26.el8_1.s390x.rpm	SHA-256: f294d3744db5545bb0a0f17f2c0e9dbba2319a0add1c13d1dff952880193a0e9
ppp-debugsource-2.4.7-26.el8_1.s390x.rpm	SHA-256: 2272f84fe258e55c0988b6bb0099a4e32e9fcc3370e92ee6c66f8c956b7d06a4
ppp-devel-2.4.7-26.el8_1.s390x.rpm	SHA-256: 34f9ebc51e05227eb4cb5fec11646dfe58aa9f6fab4ee9a4748ce6972338a9f4

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.1

SRPM
aarch64
ppp-debuginfo-2.4.7-26.el8_1.aarch64.rpm	SHA-256: 40a6f736447c90162adaaaa8f8dde0b4192cb12240ff08ca62c0b97a5a0cc467
ppp-debugsource-2.4.7-26.el8_1.aarch64.rpm	SHA-256: e06c912e6471278ee42f577f137a114449a9f19600b8c66fe596ce8a512acd2c
ppp-devel-2.4.7-26.el8_1.aarch64.rpm	SHA-256: 6200979f4a7ffee17de33ceeba16e357ac3fa08a21fa5dadbb094e60876f159f

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.