pool/net-snmp
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
f005ed495d
net-snmp/net-snmp-5.9.2.tar.gz.asc
Marcus Meissner ce2dd41ca5 Accepting request 986781 from home:abergmann:net-snmp:Factory 
- update to 5.9.2 (bsc#1201103):
  - security:
    - These two CVEs can be exploited by a user with read-only credentials:
      - CVE-2022-24805 A buffer overflow in the handling of the INDEX of
        NET-SNMP-VACM-MIB can cause an out-of-bounds memory access.
      - CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable
        can cause a NULL pointer dereference.
    - These CVEs can be exploited by a user with read-write credentials:
      - CVE-2022-24806 Improper Input Validation when SETing malformed
        OIDs in master agent and subagent simultaneously
      - CVE-2022-24807 A malformed OID in a SET request to
        SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an
        out-of-bounds memory access.
      - CVE-2022-24808 A malformed OID in a SET request to
        NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
      - CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable
        can cause a NULL pointer dereference.
- Refactor two patches to work with version number 5.9.2:
  delete:
  * net-snmp-5.9.1-pie.patch
  * net-snmp-5.9.1-fix-create-v3-user-outfile.patch
  add:
  * net-snmp-5.9.2-pie.patch
  * net-snmp-5.9.2-fix-create-v3-user-outfile.patch

OBS-URL: https://build.opensuse.org/request/show/986781
OBS-URL: https://build.opensuse.org/package/show/network:utilities/net-snmp?expand=0&rev=46
2022-07-06 11:22:09 +00:00

17 lines
833 B
Plaintext
Raw Blame History

-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE0Pj0ldphYMRO/78Q8HudLayxn9YFAmK+Np4ACgkQ8HudLayx
n9ahDQ//eAyWxwbhIjhAlOltO4/nqO3HgJiyfaAgE4UopMDLs4RLEreMZFrBsLiO
R0NYkkwJMFzX2OIl0u0kA+2syXDwpIHJ4oNESGhGti825f0LBpptGxXHhEXFfxeY
ecpzyO+SFWkcJli71XLQ2y9LLOk3YrnF2PtySvluNFCJ85n8yW+oA4Rkz4d+7L/X
K7ywTofcpKBMOcR/uVqtuKMDiWSFwifZUOECDPjXkt/rnm9QhigWwp/TbtomD2Wh
rS82yAjcdGVHpE4aGVAEQR3TFXFwwZv+Lr1byaAXYtAoYUoyzR39U7t7vArfGGnB
Pe3Eui4R6g/tcczBz0pE2mbzMgIYjZamuPFhcd62ZWyjsHS+2/bkF3pfZddVMWqp
CSzw6kzjY3L3GpihhSUVc7avLnrSi+T6j09zSX5RHFdZVbClm3/loaKtCAd5HI4v
dyd3oQRm/L3ML6fuGld6YrwV9znq4BOJp564H0uJjzfN223MHP6bZei2OuHbCgsS
vEzt1RIbZRPO1k2OlPrUmbTSgM09Ki8srIVSAJLWmXKA18WHjHqXy9H09A0beLxP
ki9chY9Y9N4PCXILwkcSyRkAO0St5XW4DMmjUdIzGi7KYVJMLMME/ViF+IJnwYLa
Ze7VA84FvSYIUPSkG/OvTkT6zgtH6XOHKcXNvJLq5gTJh4Zkt7Q=
=TTtu
-----END PGP SIGNATURE-----
Reference in New Issue View Git Blame Copy Permalink