CVE-2020-8597

[Paolo Cremonese]

Hi All,

does anybody know if for linux-sunxi distribution is applicable the vulnerability CVE-2020-8597  ?

If yes, there is a patch available ?

Thanks in advance

Paolo

[Priit Laes]

On Tue, Mar 10, 2020 at 05:58:55AM -0700, Paolo Cremonese wrote:
> Hi All,
> does anybody know if for linux-sunxi distribution is applicable the

> vulnerability *CVE-2020-8597 ?*

> If yes, there is a patch available ?

No. This is a bug in pppd package.

>
> Thanks in advance
>
> Paolo
>
> --
> You received this message because you are subscribed to the Google Groups "linux-sunxi" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to linux-sunxi...@googlegroups.com.
> To view this discussion on the web, visit https://groups.google.com/d/msgid/linux-sunxi/9f64fdb3-000d-4bb4-8dc6-4e1b2f47729e%40googlegroups.com.

[Sergey Lapin]

linux-sunxi is not distribution in OpenEmbedded vocabulary, it is
board support package, or BSP.
BSP does not contain any user-specific packages which are not platform
or board-specific.
You should see about Poky or Angstrom distribution about pppd package in use.
Check openembedded-core layer for pppd recipe.
https://git.openembedded.org/openembedded-core/tree/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
You can apply patches locally if that is urgent issue for you.