Package: ppp
Version: 2.4.4b1-1
Severity: important
pppd invokes SHA1_Update() from openssl, which assumes input buffer to
be word aligned without explicitly stating so in the documentation.
However, some "magic" strings in pppd are not word aligned. This causes
pppd to SIGBUS when, for example, ms-chap2 authentication is used on
platforms that choke on unaligned memory access, such as sparc.

I've reported to ppp developers, but they are unwilling to fix this
problem on their side. See:

http://ppp.samba.org/cgi-bin/ppp-bugs/resolved?id=1391

I've also sent an e-mail to openssl-users mailing list, still trying to
work out a satisfactory solution. I'm filing this bug report to give
Debian ppp package maintainer a head-up on this problem.

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: sparc (sparc64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15-1-sparc64
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages ppp depends on:
ii  libc6                        2.3.6-7     GNU C Library: Shared libraries
ii  libpam-modules               0.79-3.1    Pluggable Authentication Modules f
ii  libpam-runtime               0.79-3.1    Runtime support for the PAM librar
ii  libpam0g                     0.79-3.1    Pluggable Authentication Modules l
ii  libpcap0.8                   0.9.4-1     System interface for user-level pa
ii  makedev                      2.3.1-81    creates device files in /dev
ii  netbase                      4.25        Basic TCP/IP networking system
ii  procps                       1:3.2.6-2.2 /proc file system utilities
ii  zlib1g                       1:1.2.3-11  compression library - runtime

ppp recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to