diff options
author | Ovidiu Panait <ovidiu.panait@windriver.com> | 2022-08-11 11:27:39 +0300 |
---|---|---|
committer | Khem Raj <raj.khem@gmail.com> | 2022-08-12 01:24:27 -0700 |
commit | bf4a826c7de51dcdac87f81fa2bd2301629d50db (patch) | |
tree | 9d0d80ad5ec2b55b0b309b767dd6bd00433db363 /meta-networking/conf/layer.conf | |
parent | 284f38a12b3c19387f2b92a0d4fcd75011b66716 (diff) | |
download | meta-openembedded-bf4a826c7de51dcdac87f81fa2bd2301629d50db.tar.gz |
net-snmp: upgrade 5.9.1 -> 5.9.3
Upgrade summary:
----------------
- drop 0002-configure-fix-a-cc-check-issue.patch, as it was replaced with
upstream commit https://github.com/net-snmp/net-snmp/commit/dbb49acfa2af
- drop 0001-snmpd-always-exit-after-displaying-usage.patch backport
- rebase net-snmp-5.7.2-fix-engineBoots-value-on-SIGHUP.patch manually
- refresh patches with devtool to get rid of fuzz
Changelog:
----------
*5.9.3*:
security:
- These two CVEs can be exploited by a user with read-only credentials:
- CVE-2022-24805 A buffer overflow in the handling of the INDEX of
NET-SNMP-VACM-MIB can cause an out-of-bounds memory access.
- CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable
can cause a NULL pointer dereference.
- These CVEs can be exploited by a user with read-write credentials:
- CVE-2022-24806 Improper Input Validation when SETing malformed
OIDs in master agent and subagent simultaneously
- CVE-2022-24807 A malformed OID in a SET request to
SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an
out-of-bounds memory access.
- CVE-2022-24808 A malformed OID in a SET request to
NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
- CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable
can cause a NULL pointer dereference.
- To avoid these flaws, use strong SNMPv3 credentials and do not share them.
If you must use SNMPv1 or SNMPv2c, use a complex community string
and enhance the protection by restricting access to a given IP address
range.
- Thanks are due to Yu Zhang of VARAS@IIE and Nanyu Zhong of VARAS@IIE for
reporting the following CVEs that have been fixed in this release, and
to Arista Networks for providing fixes.
Windows:
- WinExtDLL: Fix multiple compiler warnings
- WinExtDLL: Make long strings occupy a single line Make it easier to
look up error messages in the source code by making long strings
occupy a single source code line.
- WinExtDLL: Restore MIB-II support Make winExtDLL work on 64-bit
Windows systems") caused snmpd to skip MIB-II on 64-bit systems.
IF-MIB: Update ifTable entries even if the interface name has changed
At least on Linux a network interface index may be reused for a
network interface with a different name. Hence this patch that
enables replacing network interface information even if the network
interface name has changed.
unspecified:
- Moved transport code into a separate subdirectory in snmplib
- Snmplib: remove inline versions of container funcs".
misc:
- snmp-create-v3-user: Fix the snmpd.conf path @datadir@ is
expanded in ${datarootdir} so datarootdir must be set before
@datadir@ is used.
*5.9.2*:
skipped due to a last minute library versioning found bug -- use 5.9.3 instead
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-networking/conf/layer.conf')
0 files changed, 0 insertions, 0 deletions