On Oct 16, Andrew Bartlett <abartlet+deb...@catalyst.net.nz> wrote: > I've prepared a a fix for CVE-2014-3158, an integer overflow potentially > permitting a user in the dip group to abuse the privileges of the setuid > root pppd binary by supplying a very, very long options line in > ~/.ppprc. Is this actually known to be exploitable? If you believe that it is worth fixing then your changes look fine to me.
-- ciao, Marco
signature.asc
Description: Digital signature
