Text only | Text with Images

Olimex Support Forum

OLinuXino Android / Linux boards and System On Modules => A20 => Topic started by: pac on March 26, 2020, 04:08:13 PM

Title: CVE-2020-8597 vulnerability for Linux OS
Post by: pac on March 26, 2020, 04:08:13 PM
Hi all,
the vulnerability CVE-2020-8597 affects Debian distributions, among others  (https://nvd.nist.gov/vuln/detail/CVE-2020-8597). Is there a patch for the Olimex official Jessie File System used for Olimex A20-LIME (i.e  a20_Lime_debian_3.4.103_Jessie_2G_release7) ?
Thanks in advance,
Paolo
Title: Re: CVE-2020-8597 vulnerability for Linux OS
Post by: JohnS on March 26, 2020, 06:37:00 PM
If you use pppd, you could rebuild pppd with a fix.

(Do you even have pppd enabled?)

John
Title: Re: CVE-2020-8597 vulnerability for Linux OS
Post by: LubOlimex on March 27, 2020, 10:02:13 AM
We haven't published any patches for 3.4.x kernels recently. The bug seems to have been found 02/03/2020 so I am pretty sure we haven't published any patch for it. We are focusing our maintaining efforts on the mainline images that we publish here:

ftp://staging.olimex.com/Allwinner_Images/A20-OLinuXino/
Text only | Text with Images